<!DOCTYPE html>
<html class="client-nojs" lang="en" dir="ltr">
<head>
<meta charset="UTF-8"/>
<title>Mirai (malware) - Wikipedia</title>
<script>document.documentElement.className="client-js";RLCONF={"wgBreakFrames":false,"wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy","wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgRequestId":"c5bf2e43-9a15-413a-b377-4f765ae0c94c","wgCSPNonce":false,"wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"Mirai_(malware)","wgTitle":"Mirai (malware)","wgCurRevisionId":1061190577,"wgRevisionId":1061190577,"wgArticleId":52046315,"wgIsArticle":true,"wgIsRedirect":false,"wgAction":"view","wgUserName":null,"wgUserGroups":["*"],"wgCategories":["CS1 maint: archived copy as title","Webarchive template wayback links","Articles with short description","Short description matches Wikidata","Articles containing Japanese-language text","All articles with unsourced statements","Articles with unsourced statements from April 2018",
"Denial-of-service attacks","Botnets","Free software","Free software programmed in C","Free software programmed in Go","IoT malware","Linux malware"],"wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgRelevantPageName":"Mirai_(malware)","wgRelevantArticleId":52046315,"wgIsProbablyEditable":true,"wgRelevantPageIsProbablyEditable":true,"wgRestrictionEdit":[],"wgRestrictionMove":[],"wgFlaggedRevsParams":{"tags":{"status":{"levels":-1}}},"wgPopupsFlags":10,"wgVisualEditor":{"pageLanguageCode":"en","pageLanguageDir":"ltr","pageVariantFallbacks":"en"},"wgMFDisplayWikibaseDescriptions":{"search":true,"nearby":true,"watchlist":true,"tagline":false},"wgWMESchemaEditAttemptStepOversample":false,"wgWMEPageLength":40000,"wgNoticeProject":"wikipedia","wgMediaViewerOnClick":true,"wgMediaViewerEnabledByDefault":true,"wgULSCurrentAutonym":"English","wgEditSubmitButtonLabelPublish":true,"wgCentralAuthMobileDomain":false,"wgULSPosition":"interlanguage","wgULSisCompactLinksEnabled":true,
"wgWikibaseItemId":"Q27517815","wgGENewcomerTasksGuidanceEnabled":true,"wgGEAskQuestionEnabled":false,"wgGELinkRecommendationsFrontendEnabled":false};RLSTATE={"ext.globalCssJs.user.styles":"ready","site.styles":"ready","user.styles":"ready","ext.globalCssJs.user":"ready","user":"ready","user.options":"loading","ext.cite.styles":"ready","skins.vector.styles.legacy":"ready","jquery.makeCollapsible.styles":"ready","ext.visualEditor.desktopArticleTarget.noscript":"ready","ext.wikimediaBadges":"ready","ext.uls.interlanguage":"ready","wikibase.client.init":"ready"};RLPAGEMODULES=["ext.cite.ux-enhancements","site","mediawiki.page.ready","jquery.makeCollapsible","mediawiki.toc","skins.vector.legacy.js","ext.gadget.ReferenceTooltips","ext.gadget.charinsert","ext.gadget.extra-toolbar-buttons","ext.gadget.refToolbar","ext.gadget.switcher","mmv.head","mmv.bootstrap.autostart","ext.popups","ext.visualEditor.desktopArticleTarget.init","ext.visualEditor.targetLoader","ext.eventLogging",
"ext.wikimediaEvents","ext.navigationTiming","ext.cx.eventlogging.campaigns","ext.centralNotice.geoIP","ext.centralNotice.startUp","ext.centralauth.centralautologin","ext.uls.compactlinks","ext.uls.interface","ext.growthExperiments.SuggestedEditSession"];</script>
<script>(RLQ=window.RLQ||[]).push(function(){mw.loader.implement("user.options@1hzgi",function($,jQuery,require,module){mw.user.tokens.set({"patrolToken":"+\\","watchToken":"+\\","csrfToken":"+\\"});});});</script>
<link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=ext.cite.styles%7Cext.uls.interlanguage%7Cext.visualEditor.desktopArticleTarget.noscript%7Cext.wikimediaBadges%7Cjquery.makeCollapsible.styles%7Cskins.vector.styles.legacy%7Cwikibase.client.init&amp;only=styles&amp;skin=vector"/>
<script async="" src="/w/load.php?lang=en&amp;modules=startup&amp;only=scripts&amp;raw=1&amp;skin=vector"></script>
<meta name="ResourceLoaderDynamicStyles" content=""/>
<link rel="stylesheet" href="/w/load.php?lang=en&amp;modules=site.styles&amp;only=styles&amp;skin=vector"/>
<meta name="generator" content="MediaWiki 1.38.0-wmf.13"/>
<meta name="referrer" content="origin"/>
<meta name="referrer" content="origin-when-crossorigin"/>
<meta name="referrer" content="origin-when-cross-origin"/>
<meta name="format-detection" content="telephone=no"/>
<meta property="og:title" content="Mirai (malware) - Wikipedia"/>
<meta property="og:type" content="website"/>
<link rel="preconnect" href="//upload.wikimedia.org"/>
<link rel="alternate" media="only screen and (max-width: 720px)" href="//en.m.wikipedia.org/wiki/Mirai_(malware)"/>
<link rel="alternate" type="application/x-wiki" title="Edit this page" href="/w/index.php?title=Mirai_(malware)&amp;action=edit"/>
<link rel="apple-touch-icon" href="/static/apple-touch/wikipedia.png"/>
<link rel="shortcut icon" href="/static/favicon/wikipedia.ico"/>
<link rel="search" type="application/opensearchdescription+xml" href="/w/opensearch_desc.php" title="Wikipedia (en)"/>
<link rel="EditURI" type="application/rsd+xml" href="//en.wikipedia.org/w/api.php?action=rsd"/>
<link rel="license" href="https://creativecommons.org/licenses/by-sa/3.0/"/>
<link rel="canonical" href="https://en.wikipedia.org/wiki/Mirai_(malware)"/>
<link rel="dns-prefetch" href="//meta.wikimedia.org" />
<link rel="dns-prefetch" href="//login.wikimedia.org"/>
</head>
<body class="mediawiki ltr sitedir-ltr mw-hide-empty-elt ns-0 ns-subject mw-editable page-Mirai_malware rootpage-Mirai_malware skin-vector action-view skin-vector-legacy"><div id="mw-page-base" class="noprint"></div>
<div id="mw-head-base" class="noprint"></div>
<div id="content" class="mw-body" role="main">
	<a id="top"></a>
	<div id="siteNotice"><!-- CentralNotice --></div>
	<div class="mw-indicators">
	</div>
	<h1 id="firstHeading" class="firstHeading" >Mirai (malware)</h1>
	<div id="bodyContent" class="vector-body">
		<div id="siteSub" class="noprint">From Wikipedia, the free encyclopedia</div>
		<div id="contentSub"></div>
		<div id="contentSub2"></div>
		
		<div id="jump-to-nav"></div>
		<a class="mw-jump-link" href="#mw-head">Jump to navigation</a>
		<a class="mw-jump-link" href="#searchInput">Jump to search</a>
		<div id="mw-content-text" class="mw-body-content mw-content-ltr" lang="en" dir="ltr"><div class="mw-parser-output"><div class="shortdescription nomobile noexcerpt noprint searchaux" style="display:none">Malware that turns computer systems running Linux into remotely controlled "bots"</div>
<style data-mw-deduplicate="TemplateStyles:r1048617464">.mw-parser-output .infobox-subbox{padding:0;border:none;margin:-3px;width:auto;min-width:100%;font-size:100%;clear:none;float:none;background-color:transparent}.mw-parser-output .infobox-3cols-child{margin:auto}</style><table class="infobox vevent"><caption class="infobox-title summary">Mirai</caption><tbody><tr><th scope="row" class="infobox-label" style="white-space: nowrap;"><a href="/wiki/Programmer" title="Programmer">Original author(s)</a></th><td class="infobox-data">Paras Jha, Josiah White and Dalton Norman<br /></td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;"><a href="/wiki/Repository_(version_control)" title="Repository (version control)">Repository</a></th><td class="infobox-data"><div class="plainlist"><ul><li><span class="url"><a rel="nofollow" class="external text" href="https://github.com/jgamblin/Mirai-Source-Code">github<wbr />.com<wbr />/jgamblin<wbr />/Mirai-Source-Code</a></span> <a href="https://www.wikidata.org/wiki/Q27517815#P1324" title="Edit this at Wikidata"><img alt="Edit this at Wikidata" src="//upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/10px-OOjs_UI_icon_edit-ltr-progressive.svg.png" decoding="async" width="10" height="10" style="vertical-align: text-top" srcset="//upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/15px-OOjs_UI_icon_edit-ltr-progressive.svg.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/20px-OOjs_UI_icon_edit-ltr-progressive.svg.png 2x" data-file-width="20" data-file-height="20" /></a></li></ul>
</div></td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;">Written in</th><td class="infobox-data"><a href="/wiki/C_(programming_language)" title="C (programming language)">C</a> (agent), <a href="/wiki/Go_(programming_language)" title="Go (programming language)">Go</a> (controller)</td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;"><a href="/wiki/Operating_system" title="Operating system">Operating system</a></th><td class="infobox-data"><a href="/wiki/Linux" title="Linux">Linux</a></td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;"><a href="/wiki/Software_categories#Categorization_approaches" title="Software categories">Type</a></th><td class="infobox-data"><a href="/wiki/Botnet" title="Botnet">Botnet</a></td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;"><a href="/wiki/Software_license" title="Software license">License</a></th><td class="infobox-data"><a href="/wiki/GNU_General_Public_License" title="GNU General Public License">GNU General Public License v3.0</a></td></tr><tr><th scope="row" class="infobox-label" style="white-space: nowrap;">Website</th><td class="infobox-data"><span class="url"><a rel="nofollow" class="external text" href="https://github.com/jgamblin/Mirai-Source-Code">github<wbr />.com<wbr />/jgamblin<wbr />/Mirai-Source-Code</a></span>&#160;<span class="penicon autoconfirmed-show"><a href="https://www.wikidata.org/wiki/Q27517815?uselang=en#P856" title="Edit this on Wikidata"><img alt="Edit this on Wikidata" src="//upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/10px-OOjs_UI_icon_edit-ltr-progressive.svg.png" decoding="async" width="10" height="10" style="vertical-align: text-top" srcset="//upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/15px-OOjs_UI_icon_edit-ltr-progressive.svg.png 1.5x, //upload.wikimedia.org/wikipedia/en/thumb/8/8a/OOjs_UI_icon_edit-ltr-progressive.svg/20px-OOjs_UI_icon_edit-ltr-progressive.svg.png 2x" data-file-width="20" data-file-height="20" /></a></span></td></tr></tbody></table>
<p><b>Mirai</b> (<a href="/wiki/Japanese_language" title="Japanese language">Japanese</a>: <span lang="ja">未来</span>, <small><a href="/wiki/Literal_translation" title="Literal translation">lit.</a>&#8201;</small>&#39;future&#39;) is a <a href="/wiki/Malware" title="Malware">malware</a> that turns networked devices running <a href="/wiki/Linux" title="Linux">Linux</a> into remotely controlled <a href="/wiki/Internet_bot" title="Internet bot">bots</a> that can be used as part of a <a href="/wiki/Botnet" title="Botnet">botnet</a> in large-scale network attacks. It primarily targets online consumer devices such as <a href="/wiki/IP_camera" title="IP camera">IP cameras</a> and <a href="/wiki/Residential_gateway" title="Residential gateway">home routers</a>.<sup id="cite_ref-1" class="reference"><a href="#cite_note-1">&#91;1&#93;</a></sup>  The Mirai botnet was first found in August 2016<sup id="cite_ref-2" class="reference"><a href="#cite_note-2">&#91;2&#93;</a></sup> by <a href="/wiki/MalwareMustDie" title="MalwareMustDie">MalwareMustDie</a>,<sup id="cite_ref-3" class="reference"><a href="#cite_note-3">&#91;3&#93;</a></sup> a <a href="/wiki/White_hat_(computer_security)" title="White hat (computer security)">white hat</a> malware research group, and has been used in some of the largest and most disruptive <a href="/wiki/Distributed_denial_of_service_attack" class="mw-redirect" title="Distributed denial of service attack">distributed denial of service (DDoS) attacks</a>, including an attack on 20 September 2016<sup id="cite_ref-4" class="reference"><a href="#cite_note-4">&#91;4&#93;</a></sup> on computer security journalist <a href="/wiki/Brian_Krebs" title="Brian Krebs">Brian Krebs</a>' web site, an attack on French web host <a href="/wiki/OVH" class="mw-redirect" title="OVH">OVH</a>,<sup id="cite_ref-securityintelligence_5-0" class="reference"><a href="#cite_note-securityintelligence-5">&#91;5&#93;</a></sup> and the <a href="/wiki/October_2016_Dyn_cyberattack" class="mw-redirect" title="October 2016 Dyn cyberattack">October 2016 Dyn cyberattack</a>.<sup id="cite_ref-6" class="reference"><a href="#cite_note-6">&#91;6&#93;</a></sup><sup id="cite_ref-wired_7-0" class="reference"><a href="#cite_note-wired-7">&#91;7&#93;</a></sup> According to a chat log between Anna-senpai and Robert Coelho, Mirai was named after the 2011 TV <a href="/wiki/Anime" title="Anime">anime</a> series <i><a href="/wiki/Future_Diary" title="Future Diary">Mirai Nikki</a></i>.<sup id="cite_ref-Krebs2017January_8-0" class="reference"><a href="#cite_note-Krebs2017January-8">&#91;8&#93;</a></sup>
</p><p>The software was initially used by the creators to DDoS <i><a href="/wiki/Minecraft" title="Minecraft">Minecraft</a></i> servers and companies offering DDoS protection to said servers, with the authors using Mirai to operate a <a href="/wiki/Protection_racket" title="Protection racket">protection racket</a>.<sup id="cite_ref-9" class="reference"><a href="#cite_note-9">&#91;9&#93;</a></sup> The <a href="/wiki/Source_code" title="Source code">source code</a> for Mirai was subsequently published on <a href="/wiki/Hack_Forums" title="Hack Forums">Hack Forums</a> as <a href="/wiki/Open-source_software" title="Open-source software">open-source</a>.<sup id="cite_ref-10" class="reference"><a href="#cite_note-10">&#91;10&#93;</a></sup> Since the source code was published, the techniques have been adapted in other malware projects.<sup id="cite_ref-11" class="reference"><a href="#cite_note-11">&#91;11&#93;</a></sup><sup id="cite_ref-12" class="reference"><a href="#cite_note-12">&#91;12&#93;</a></sup>
</p>
<div id="toc" class="toc" role="navigation" aria-labelledby="mw-toc-heading"><input type="checkbox" role="button" id="toctogglecheckbox" class="toctogglecheckbox" style="display:none" /><div class="toctitle" lang="en" dir="ltr"><h2 id="mw-toc-heading">Contents</h2><span class="toctogglespan"><label class="toctogglelabel" for="toctogglecheckbox"></label></span></div>
<ul>
<li class="toclevel-1 tocsection-1"><a href="#Malware"><span class="tocnumber">1</span> <span class="toctext">Malware</span></a></li>
<li class="toclevel-1 tocsection-2"><a href="#Use_in_DDoS_attacks"><span class="tocnumber">2</span> <span class="toctext">Use in DDoS attacks</span></a></li>
<li class="toclevel-1 tocsection-3"><a href="#Other_notable_incidents"><span class="tocnumber">3</span> <span class="toctext">Other notable incidents</span></a></li>
<li class="toclevel-1 tocsection-4"><a href="#Identity_of_the_author"><span class="tocnumber">4</span> <span class="toctext">Identity of the author</span></a></li>
<li class="toclevel-1 tocsection-5"><a href="#In_popular_culture"><span class="tocnumber">5</span> <span class="toctext">In popular culture</span></a></li>
<li class="toclevel-1 tocsection-6"><a href="#See_also"><span class="tocnumber">6</span> <span class="toctext">See also</span></a></li>
<li class="toclevel-1 tocsection-7"><a href="#References"><span class="tocnumber">7</span> <span class="toctext">References</span></a></li>
</ul>
</div>

<h2><span class="mw-headline" id="Malware">Malware</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=1" title="Edit section: Malware">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<p>Devices infected by Mirai continuously scan the internet for the <a href="/wiki/IP_address" title="IP address">IP address</a> of <a href="/wiki/Internet_of_things" title="Internet of things">Internet of things</a> (IoT) devices. Mirai includes a table of  IP address ranges that it will not infect, including <a href="/wiki/Private_network" title="Private network">private networks</a> and addresses allocated to the <a href="/wiki/United_States_Postal_Service" title="United States Postal Service">United States Postal Service</a> and <a href="/wiki/United_States_Department_of_Defense" title="United States Department of Defense">Department of Defense</a>.<sup id="cite_ref-13" class="reference"><a href="#cite_note-13">&#91;13&#93;</a></sup>
</p><p>Mirai then identifies vulnerable IoT devices using a table of more than 60 common factory default usernames and passwords, and logs into them to infect them with the Mirai malware.<sup id="cite_ref-securityintelligence_5-1" class="reference"><a href="#cite_note-securityintelligence-5">&#91;5&#93;</a></sup><sup id="cite_ref-webroot_14-0" class="reference"><a href="#cite_note-webroot-14">&#91;14&#93;</a></sup><sup id="cite_ref-15" class="reference"><a href="#cite_note-15">&#91;15&#93;</a></sup> Infected devices will continue to function normally, except for occasional sluggishness,<sup id="cite_ref-webroot_14-1" class="reference"><a href="#cite_note-webroot-14">&#91;14&#93;</a></sup> and an increased use of <a href="/wiki/Bandwidth_(computing)" title="Bandwidth (computing)">bandwidth</a>.  A device remains infected until it is <a href="/wiki/Reboot" title="Reboot">rebooted</a>, which may involve simply turning the device off and after a short wait turning it back on. After a reboot, unless the login password is changed immediately, the device will be reinfected within minutes.<sup id="cite_ref-webroot_14-2" class="reference"><a href="#cite_note-webroot-14">&#91;14&#93;</a></sup> Upon infection Mirai will identify any "competing" malware, remove it from memory, and block remote administration ports.<sup id="cite_ref-16" class="reference"><a href="#cite_note-16">&#91;16&#93;</a></sup>
</p><p>Victim IoT devices are identified by “first entering a rapid scanning phase where it asynchronously and “statelessly” sent TCP SYN probes to pseudo-random IPv4 addresses, excluding those in a hard-coded IP blacklist, on <a href="/wiki/Telnet" title="Telnet">telnet</a> TCP ports 23 and 2323”.<sup id="cite_ref-17" class="reference"><a href="#cite_note-17">&#91;17&#93;</a></sup> If an IoT device responds to the probe, the attack then enters into a brute-force login phase. During this phase, the attacker tries to establish a telnet connection using predetermined username and password pairs from a list of credentials. Most of these logins are default usernames and passwords from the IoT vendor. If the IoT device allows the Telnet access, the victim's IP, along with the successfully used credential is sent to a collection server.
</p><p>There are hundreds of thousands of IoT devices which use default settings, making them vulnerable to infection. Once infected, the device will monitor a <a href="/wiki/Botnet#Command_and_control" title="Botnet">command and control server</a> which indicates the target of an attack.<sup id="cite_ref-webroot_14-3" class="reference"><a href="#cite_note-webroot-14">&#91;14&#93;</a></sup> The reason for the use of the large number of IoT devices is to bypass some <a href="/wiki/DDoS_mitigation" title="DDoS mitigation">anti-DoS software</a> which monitors the IP address of incoming requests and filters or sets up a block if it identifies an abnormal traffic pattern, for example, if too many requests come from a particular IP address. Other reasons include to be able to marshall more bandwidth than the perpetrator can assemble alone, and to avoid being traced.
</p><p>Mirai as an <a href="/wiki/Internet_of_things" title="Internet of things">Internet of things</a> (IoT) devices threat has not been stopped after the arrest of the actors<sup class="noprint Inline-Template Template-Fact" style="white-space:nowrap;">&#91;<i><a href="/wiki/Wikipedia:Citation_needed" title="Wikipedia:Citation needed"><span title="This claim needs references to reliable sources. (April 2018)">citation needed</span></a></i>&#93;</sup>. Some believe that other actors are utilizing the Mirai <a href="/wiki/Malware" title="Malware">malware</a> <a href="/wiki/Source_code" title="Source code">source code</a> on <a href="/wiki/GitHub" title="GitHub">GitHub</a> to evolve Mirai into new <i>variants</i>. They speculate that the goal is to expand its <a href="/wiki/Botnet" title="Botnet">botnet</a> <a href="/wiki/Node_(networking)" title="Node (networking)">node</a> to many more IoT devices. The detail of the recent progress of these variants is listed in the following paragraphs.
</p><p>On 12 December 2017, researchers identified a <i>variant</i> of Mirai exploiting a <a href="/wiki/Zero-day_(computing)" title="Zero-day (computing)">zero-day</a> flaw in <i>Huawei HG532 routers</i> to accelerate Mirai <a href="/wiki/Botnet" title="Botnet">botnets</a> infection,<sup id="cite_ref-18" class="reference"><a href="#cite_note-18">&#91;18&#93;</a></sup> implementing two known <a href="/wiki/SOAP" title="SOAP">SOAP</a> related exploits on routers web interface, CVE-2014–8361 and CVE-2017–17215. This Mirai version is called "Satori".
</p><p>On 14 January 2018, a new variant of Mirai dubbed “Okiru” already targeting popular embedded processor like ARM, MIPS, x86, PowerPC<sup id="cite_ref-19" class="reference"><a href="#cite_note-19">&#91;19&#93;</a></sup> and others was found targeting <a href="/wiki/ARC_(processor)" title="ARC (processor)">ARC processors</a> based <a href="/wiki/Linux" title="Linux">Linux</a> devices<sup id="cite_ref-:1_20-0" class="reference"><a href="#cite_note-:1-20">&#91;20&#93;</a></sup> for the first time. <i>Argonaut RISC Core</i> processor (shorted: <a href="/wiki/ARC_(processor)" title="ARC (processor)">ARC processors</a>) is the second-most-popular embedded 32 bit processor, shipped in more than 1.5 billion products per year, including desktop computers, servers, radio, cameras, mobile, utility meters, televisions, flash drives, automotive, networking devices (smart hubs, TV modems, routers, wifi) and Internet of Things. Only a relatively small number of ARC-based devices run Linux and are therefore exposed to Mirai.
</p><p>On 18 January 2018, a successor of Mirai is reported to be designed to hijack <a href="/wiki/Cryptocurrency" title="Cryptocurrency">cryptocurrency</a>  <a href="/wiki/Bitcoin#Mining" title="Bitcoin">mining</a> operations.<sup id="cite_ref-21" class="reference"><a href="#cite_note-21">&#91;21&#93;</a></sup>
</p><p>On 26 January 2018, two similar Mirai variant botnets were reported, the more modified version of which weaponizes EDB 38722 D-Link router's exploit to enlist further vulnerable IoT devices. The vulnerability in the router's Home Network Administration Protocol (HNAP) is utilized to craft a malicious query to exploited routers that can bypass authentication, to then cause an arbitrary remote code execution. The less modified version of Mirai is called "Masuta" (after the Japanese transliteration of "Master"), while the more modified version is called "PureMasuta".<sup id="cite_ref-Rene_Millman_22-0" class="reference"><a href="#cite_note-Rene_Millman-22">&#91;22&#93;</a></sup>
</p><p>In March 2018, a new variant of Mirai, dubbed as "OMG", has emerged to surface with added configurations to target vulnerable IoT devices and turning them into proxy servers. New firewall rules that allow traffic to travel through the generated HTTP and SOCKS ports were added configurations to the Mirai code. Once these ports are open to traffic, OMG sets up 3proxy – open-source software available on a <a href="/wiki/Russia" title="Russia">Russian</a> website.<sup id="cite_ref-23" class="reference"><a href="#cite_note-23">&#91;23&#93;</a></sup>
</p><p>Between May to June 2018, another variant of Mirai, dubbed as "Wicked", has emerged with added configurations to target at least three additional exploits including those affecting Netgear routers and CCTV-DVRs. Wicked scans ports 8080, 8443, 80, and 81 and attempts to locate vulnerable, unpatched IoT devices running on those ports. Researchers suspect the same author created the Wicked, Sora, Owari, and Omni botnets.<sup id="cite_ref-24" class="reference"><a href="#cite_note-24">&#91;24&#93;</a></sup><sup id="cite_ref-25" class="reference"><a href="#cite_note-25">&#91;25&#93;</a></sup>
</p><p>In early July 2018 it was reported at least thirteen versions of Mirai malware has been detected actively infecting Linux <a href="/wiki/Internet_of_things" title="Internet of things">Internet of things</a> (IoT) in the internet, and three of them were designed to target specific vulnerabilities by using exploit proof of concept, without launching brute-forcing attack to the default credential authentication.<sup id="cite_ref-26" class="reference"><a href="#cite_note-26">&#91;26&#93;</a></sup> In the same month it was published a report of infection campaign of Mirai malware to Android devices through the Android Debug Bridge on TCP/5555 which is actually an optional feature in the Android operating system, but it was discovered that this feature appears to be enabled on some Android phones.<sup id="cite_ref-27" class="reference"><a href="#cite_note-27">&#91;27&#93;</a></sup>
</p><p>At the end of 2018, a Mirai variant dubbed "Miori" started being spread through a remote code execution vulnerability in the ThinkPHP framework, affecting versions 5.0.23 to 5.1.31. This vulnerability is continuously being abused by the further evolved Mirai variants dubbed as "Hakai" and "Yowai" in January 2019, and variant "SpeakUp" in February, 2019.<sup id="cite_ref-28" class="reference"><a href="#cite_note-28">&#91;28&#93;</a></sup>
</p>
<h2><span class="mw-headline" id="Use_in_DDoS_attacks">Use in DDoS attacks</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=2" title="Edit section: Use in DDoS attacks">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<p>Mirai was used, alongside <a href="/wiki/BASHLITE" title="BASHLITE">BASHLITE</a>,<sup id="cite_ref-arstechnica.com_29-0" class="reference"><a href="#cite_note-arstechnica.com-29">&#91;29&#93;</a></sup> in the DDoS attack on 20 September 2016 on the <a href="/wiki/Krebs_on_Security" class="mw-redirect" title="Krebs on Security">Krebs on Security</a> site which reached 620 Gbit/s.<sup id="cite_ref-30" class="reference"><a href="#cite_note-30">&#91;30&#93;</a></sup> <a href="/wiki/Ars_Technica" title="Ars Technica">Ars Technica</a> also reported a 1 Tbit/s attack on French web host <a href="/wiki/OVH" class="mw-redirect" title="OVH">OVH</a>.<sup id="cite_ref-securityintelligence_5-2" class="reference"><a href="#cite_note-securityintelligence-5">&#91;5&#93;</a></sup>
</p><p>On 21 October 2016, multiple major DDoS attacks in <a href="/wiki/DNS" class="mw-redirect" title="DNS">DNS</a> services of DNS service provider <a href="/wiki/Dyn_(company)" title="Dyn (company)">Dyn</a> occurred using Mirai malware installed on a large number of <a href="/wiki/Internet_of_things" title="Internet of things">IoT devices</a>, many of which were still using their default usernames and passwords.<sup id="cite_ref-31" class="reference"><a href="#cite_note-31">&#91;31&#93;</a></sup> These attacks resulted in the inaccessibility of several high-profile websites, including <a href="/wiki/GitHub" title="GitHub">GitHub</a>, <a href="/wiki/Twitter" title="Twitter">Twitter</a>, <a href="/wiki/Reddit" title="Reddit">Reddit</a>, <a href="/wiki/Netflix" title="Netflix">Netflix</a>, <a href="/wiki/Airbnb" title="Airbnb">Airbnb</a> and many others.<sup id="cite_ref-32" class="reference"><a href="#cite_note-32">&#91;32&#93;</a></sup> The attribution of the Dyn attack to the Mirai botnet was originally reported by Level 3 Communications.<sup id="cite_ref-arstechnica.com_29-1" class="reference"><a href="#cite_note-arstechnica.com-29">&#91;29&#93;</a></sup><sup id="cite_ref-33" class="reference"><a href="#cite_note-33">&#91;33&#93;</a></sup>
</p><p>Mirai was later revealed to have been used during the DDoS attacks against <a href="/wiki/Rutgers_University" title="Rutgers University">Rutgers University</a> from 2014 to 2016, which left faculty and students on campus unable to access the outside Internet for several days at a time.  Additionally, a failure of the University's <a href="/wiki/Central_Authentication_Service" title="Central Authentication Service">Central Authentication Service</a> caused course registration and other services unavailable during critical times in the academic semester. The university reportedly spent $300,000 in consultation and increased the cyber-security budget of the university by $1 million in response to these attacks. The university cited the attacks among its reasons for the increase in tuition and fees for the 2015–2016 school year.<sup id="cite_ref-34" class="reference"><a href="#cite_note-34">&#91;34&#93;</a></sup> A person under the alias "exfocus" claimed responsibility for the attacks, stating in a <a href="/wiki/Reddit_AMA" class="mw-redirect" title="Reddit AMA">Reddit AMA</a> on the <i>/r/Rutgers</i> <a href="/wiki/Subreddit" class="mw-redirect" title="Subreddit">subreddit</a> that the user was a student at the school and the DDoS attacks were motivated by frustrations with the university's <a href="/wiki/Rutgers_Campus_Buses" title="Rutgers Campus Buses">bus system</a>. The same user later claimed in an interview with a New Jersey-based blogger that they had lied about being affiliated with the university and that the attacks were being funded by an anonymous client. Security researcher Brian Krebs later alleged the user was indeed a student at Rutgers University and that the latter interview was given in an attempt to distract investigators.<sup id="cite_ref-Krebs2017January_8-1" class="reference"><a href="#cite_note-Krebs2017January-8">&#91;8&#93;</a></sup>
</p><p>Staff at Deep Learning Security observed the steady growth of Mirai botnets before and after the 21 October attack.<sup id="cite_ref-35" class="reference"><a href="#cite_note-35">&#91;35&#93;</a></sup>
</p><p>Mirai has also been used in an attack on <a href="/wiki/Liberia" title="Liberia">Liberia</a>'s Internet infrastructure in November 2016.<sup id="cite_ref-tel1_36-0" class="reference"><a href="#cite_note-tel1-36">&#91;36&#93;</a></sup><sup id="cite_ref-37" class="reference"><a href="#cite_note-37">&#91;37&#93;</a></sup><sup id="cite_ref-38" class="reference"><a href="#cite_note-38">&#91;38&#93;</a></sup> According to computer security expert Kevin Beaumont, the attack appears to have originated from the actor which also attacked Dyn.<sup id="cite_ref-tel1_36-1" class="reference"><a href="#cite_note-tel1-36">&#91;36&#93;</a></sup>
</p>
<h2><span class="mw-headline" id="Other_notable_incidents">Other notable incidents</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=3" title="Edit section: Other notable incidents">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<p>At the end of November 2016, approximately 900,000 <a href="/wiki/Router_(computing)" title="Router (computing)">routers</a>, from <a href="/wiki/Deutsche_Telekom" title="Deutsche Telekom">Deutsche Telekom</a> and produced by Arcadyan, were crashed due to failed TR-064 exploitation attempts by a variant of Mirai, which resulted in Internet connectivity problems for the users of these devices.<sup id="cite_ref-39" class="reference"><a href="#cite_note-39">&#91;39&#93;</a></sup><sup id="cite_ref-40" class="reference"><a href="#cite_note-40">&#91;40&#93;</a></sup> While TalkTalk later patched their routers, a new variant of Mirai was discovered in TalkTalk routers.<sup id="cite_ref-41" class="reference"><a href="#cite_note-41">&#91;41&#93;</a></sup>
</p><p>A British man suspected of being behind the attack was arrested at Luton Airport, according to the <a href="/wiki/BBC_News" title="BBC News">BBC</a>.<sup id="cite_ref-42" class="reference"><a href="#cite_note-42">&#91;42&#93;</a></sup>
</p>
<h2><span class="mw-headline" id="Identity_of_the_author">Identity of the author</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=4" title="Edit section: Identity of the author">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<p>On January 17, 2017, computer security journalist <a href="/wiki/Brian_Krebs" title="Brian Krebs">Brian Krebs</a> posted an article on his blog, Krebs on Security, where he disclosed the name of the person who he believed to have written the malware. Krebs stated that the likely real-life identity of Anna-senpai (named after Anna Nishikinomiya, a character from <i><a href="/wiki/Shimoneta" title="Shimoneta">Shimoneta</a></i>), the author of Mirai, was actually Paras Jha, the owner of a DDoS mitigation service company ProTraf Solutions and a student of <a href="/wiki/Rutgers_University" title="Rutgers University">Rutgers University</a>. In an update to the original article, Paras Jha responded to Krebs and denied having written Mirai.<sup id="cite_ref-Krebs2017January_8-2" class="reference"><a href="#cite_note-Krebs2017January-8">&#91;8&#93;</a></sup>  The <a href="/wiki/Federal_Bureau_of_Investigation" title="Federal Bureau of Investigation">FBI</a> was reported to have questioned Jha on his involvement in the <a href="/wiki/October_2016_Dyn_cyberattack" class="mw-redirect" title="October 2016 Dyn cyberattack">October 2016 Dyn cyberattack</a>.<sup id="cite_ref-43" class="reference"><a href="#cite_note-43">&#91;43&#93;</a></sup>  On December 13, 2017, Paras Jha, Josiah White, and Dalton Norman entered a guilty plea to crimes related to the Mirai botnet.<sup id="cite_ref-44" class="reference"><a href="#cite_note-44">&#91;44&#93;</a></sup>
</p><p>Daniel Kaye, 29, also known as alias "BestBuy", "Popopret" or "Spiderman", has been accused of "using an infected network of computers known as the Mirai botnet to attack and blackmail <a href="/wiki/Lloyds_Banking_Group" title="Lloyds Banking Group">Lloyds Banking Group</a> and <a href="/wiki/Barclays" title="Barclays">Barclays</a> banks," according to the NCA. He has been extradited from Germany to the UK according to the same report. Kaye has also pleaded guilty in court on hijacking more than 900,000 routers from the network of Deutsche Telekom.<sup id="cite_ref-45" class="reference"><a href="#cite_note-45">&#91;45&#93;</a></sup><sup id="cite_ref-46" class="reference"><a href="#cite_note-46">&#91;46&#93;</a></sup>
</p><p>Researchers are pointing to the handle name "Nexus Zeta" as responsible for the author of new variants of Mirai (dubbed as Okiru, Satori, Masuta and PureMasuta)<sup id="cite_ref-47" class="reference"><a href="#cite_note-47">&#91;47&#93;</a></sup><sup id="cite_ref-48" class="reference"><a href="#cite_note-48">&#91;48&#93;</a></sup><sup id="cite_ref-Rene_Millman_22-1" class="reference"><a href="#cite_note-Rene_Millman-22">&#91;22&#93;</a></sup> On August 21, 2018 the grand jury has indicted Kenneth Currin Schuchman, 20, aka Nexus Zeta, of knowingly causing the transmission of a program, information, code, and commands, and as result of such conduct intentionally caused damage without authorization to protected computers, according to the indictment filed in <a href="/wiki/United_States_district_court" title="United States district court">U.S. District Court</a> in <a href="/wiki/Anchorage,_Alaska" title="Anchorage, Alaska">Anchorage</a>,<sup id="cite_ref-49" class="reference"><a href="#cite_note-49">&#91;49&#93;</a></sup><sup id="cite_ref-50" class="reference"><a href="#cite_note-50">&#91;50&#93;</a></sup> followed by the arrest and trial of the suspect.<sup id="cite_ref-51" class="reference"><a href="#cite_note-51">&#91;51&#93;</a></sup>
</p>
<h2><span class="mw-headline" id="In_popular_culture">In popular culture</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=5" title="Edit section: In popular culture">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<p>American electronic musician and composer <a href="/wiki/James_Ferraro" title="James Ferraro">James Ferraro</a>'s 2018 album <i><a href="/wiki/Four_Pieces_for_Mirai" class="mw-redirect" title="Four Pieces for Mirai">Four Pieces for Mirai</a></i> references Mirai in its ongoing narrative.
</p>
<h2><span class="mw-headline" id="See_also">See also</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=6" title="Edit section: See also">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<ul><li><a href="/wiki/Linux_malware" title="Linux malware">Linux malware</a></li>
<li><a href="/wiki/Denial-of-service_attack" title="Denial-of-service attack">Denial-of-service attack</a></li>
<li><a href="/wiki/BASHLITE" title="BASHLITE">BASHLITE</a> – another notable IoT malware</li>
<li><a href="/wiki/Linux.Darlloz" title="Linux.Darlloz">Linux.Darlloz</a> – another notable IoT malware</li>
<li><a href="/wiki/Remaiten" title="Remaiten">Remaiten</a> – another IoT DDoS bot</li>
<li><a href="/wiki/Linux.Wifatch" title="Linux.Wifatch">Linux.Wifatch</a></li>
<li><a href="/wiki/Hajime_(malware)" title="Hajime (malware)">Hajime</a></li>
<li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li></ul>
<h2><span class="mw-headline" id="References">References</span><span class="mw-editsection"><span class="mw-editsection-bracket">[</span><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit&amp;section=7" title="Edit section: References">edit</a><span class="mw-editsection-bracket">]</span></span></h2>
<style data-mw-deduplicate="TemplateStyles:r1011085734">.mw-parser-output .reflist{font-size:90%;margin-bottom:0.5em;list-style-type:decimal}.mw-parser-output .reflist .references{font-size:100%;margin-bottom:0;list-style-type:inherit}.mw-parser-output .reflist-columns-2{column-width:30em}.mw-parser-output .reflist-columns-3{column-width:25em}.mw-parser-output .reflist-columns{margin-top:0.3em}.mw-parser-output .reflist-columns ol{margin-top:0}.mw-parser-output .reflist-columns li{page-break-inside:avoid;break-inside:avoid-column}.mw-parser-output .reflist-upper-alpha{list-style-type:upper-alpha}.mw-parser-output .reflist-upper-roman{list-style-type:upper-roman}.mw-parser-output .reflist-lower-alpha{list-style-type:lower-alpha}.mw-parser-output .reflist-lower-greek{list-style-type:lower-greek}.mw-parser-output .reflist-lower-roman{list-style-type:lower-roman}</style><div class="reflist reflist-columns references-column-width" style="column-width: 35em;">
<ol class="references">
<li id="cite_note-1"><span class="mw-cite-backlink"><b><a href="#cite_ref-1">^</a></b></span> <span class="reference-text"><style data-mw-deduplicate="TemplateStyles:r999302996">.mw-parser-output cite.citation{font-style:inherit}.mw-parser-output .citation q{quotes:"\"""\"""'""'"}.mw-parser-output .id-lock-free a,.mw-parser-output .citation .cs1-lock-free a{background:linear-gradient(transparent,transparent),url("//upload.wikimedia.org/wikipedia/commons/6/65/Lock-green.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-limited a,.mw-parser-output .id-lock-registration a,.mw-parser-output .citation .cs1-lock-limited a,.mw-parser-output .citation .cs1-lock-registration a{background:linear-gradient(transparent,transparent),url("//upload.wikimedia.org/wikipedia/commons/d/d6/Lock-gray-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .id-lock-subscription a,.mw-parser-output .citation .cs1-lock-subscription a{background:linear-gradient(transparent,transparent),url("//upload.wikimedia.org/wikipedia/commons/a/aa/Lock-red-alt-2.svg")right 0.1em center/9px no-repeat}.mw-parser-output .cs1-subscription,.mw-parser-output .cs1-registration{color:#555}.mw-parser-output .cs1-subscription span,.mw-parser-output .cs1-registration span{border-bottom:1px dotted;cursor:help}.mw-parser-output .cs1-ws-icon a{background:linear-gradient(transparent,transparent),url("//upload.wikimedia.org/wikipedia/commons/4/4c/Wikisource-logo.svg")right 0.1em center/12px no-repeat}.mw-parser-output code.cs1-code{color:inherit;background:inherit;border:none;padding:inherit}.mw-parser-output .cs1-hidden-error{display:none;font-size:100%}.mw-parser-output .cs1-visible-error{font-size:100%}.mw-parser-output .cs1-maint{display:none;color:#33aa33;margin-left:0.3em}.mw-parser-output .cs1-format{font-size:95%}.mw-parser-output .cs1-kern-left,.mw-parser-output .cs1-kern-wl-left{padding-left:0.2em}.mw-parser-output .cs1-kern-right,.mw-parser-output .cs1-kern-wl-right{padding-right:0.2em}.mw-parser-output .citation .mw-selflink{font-weight:inherit}</style><cite id="CITEREFBiggs,_John2016" class="citation web cs1">Biggs, John (Oct 10, 2016). <a rel="nofollow" class="external text" href="https://techcrunch.com/2016/10/10/hackers-release-source-code-for-a-powerful-ddos-app-called-mirai/">"Hackers release source code for a powerful DDoS app called Mirai"</a>. <a href="/wiki/TechCrunch" title="TechCrunch">TechCrunch</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161020105628/https://techcrunch.com/2016/10/10/hackers-release-source-code-for-a-powerful-ddos-app-called-mirai/">Archived</a> from the original on 20 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">19 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Hackers+release+source+code+for+a+powerful+DDoS+app+called+Mirai&amp;rft.pub=TechCrunch&amp;rft.date=2016-10-10&amp;rft.au=Biggs%2C+John&amp;rft_id=https%3A%2F%2Ftechcrunch.com%2F2016%2F10%2F10%2Fhackers-release-source-code-for-a-powerful-ddos-app-called-mirai%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-2"><span class="mw-cite-backlink"><b><a href="#cite_ref-2">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFnjccic2016" class="citation web cs1">njccic (December 28, 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161212084605/https://www.cyber.nj.gov/threat-profiles/botnet-variants/mirai-botnet">"Mirai Botnet"</a>. The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC). Archived from <a rel="nofollow" class="external text" href="https://www.cyber.nj.gov/threat-profiles/botnet-variants/mirai-botnet">the original</a> on 12 December 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">28 December</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Mirai+Botnet&amp;rft.pub=The+New+Jersey+Cybersecurity+and+Communications+Integration+Cell+%28NJCCIC%29&amp;rft.date=2016-12-28&amp;rft.au=njccic&amp;rft_id=https%3A%2F%2Fwww.cyber.nj.gov%2Fthreat-profiles%2Fbotnet-variants%2Fmirai-botnet&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-3"><span class="mw-cite-backlink"><b><a href="#cite_ref-3">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFunixfreaxjp2016" class="citation web cs1">unixfreaxjp (August 31, 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20160905023500/http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html">"MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled"</a>. <a href="/wiki/MalwareMustDie" title="MalwareMustDie">MalwareMustDie</a>. Archived from <a rel="nofollow" class="external text" href="http://blog.malwaremustdie.org/2016/08/mmd-0056-2016-linuxmirai-just.html">the original</a> on 5 September 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">31 August</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=MMD-0056-2016+-+Linux%2FMirai%2C+how+an+old+ELF+malcode+is+recycled&amp;rft.pub=MalwareMustDie&amp;rft.date=2016-08-31&amp;rft.au=unixfreaxjp&amp;rft_id=http%3A%2F%2Fblog.malwaremustdie.org%2F2016%2F08%2Fmmd-0056-2016-linuxmirai-just.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-4"><span class="mw-cite-backlink"><b><a href="#cite_ref-4">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFKrebs,_Brian2016" class="citation web cs1">Krebs, Brian (September 21, 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161115112659/https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/">"KrebsOnSecurity Hit With Record DDoS"</a>. <a href="/wiki/Brian_Krebs" title="Brian Krebs">Brian Krebs</a>. Archived from <a rel="nofollow" class="external text" href="https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/">the original</a> on 15 November 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">17 November</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=KrebsOnSecurity+Hit+With+Record+DDoS&amp;rft.pub=Brian+Krebs&amp;rft.date=2016-09-21&amp;rft.au=Krebs%2C+Brian&amp;rft_id=https%3A%2F%2Fkrebsonsecurity.com%2F2016%2F09%2Fkrebsonsecurity-hit-with-record-ddos%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-securityintelligence-5"><span class="mw-cite-backlink">^ <a href="#cite_ref-securityintelligence_5-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-securityintelligence_5-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-securityintelligence_5-2"><sup><i><b>c</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFBonderud,_Douglas2016" class="citation web cs1">Bonderud, Douglas (October 4, 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161021003956/https://securityintelligence.com/news/leaked-mirai-malware-boosts-iot-insecurity-threat-level/">"Leaked Mirai Malware Boosts IoT Insecurity Threat Level"</a>. securityintelligence.com. Archived from <a rel="nofollow" class="external text" href="https://securityintelligence.com/news/leaked-mirai-malware-boosts-iot-insecurity-threat-level/">the original</a> on 21 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">20 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Leaked+Mirai+Malware+Boosts+IoT+Insecurity+Threat+Level&amp;rft.pub=securityintelligence.com&amp;rft.date=2016-10-04&amp;rft.au=Bonderud%2C+Douglas&amp;rft_id=https%3A%2F%2Fsecurityintelligence.com%2Fnews%2Fleaked-mirai-malware-boosts-iot-insecurity-threat-level%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-6"><span class="mw-cite-backlink"><b><a href="#cite_ref-6">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFHackett,_Robert2016" class="citation web cs1">Hackett, Robert (October 3, 2016). <a rel="nofollow" class="external text" href="http://fortune.com/2016/10/03/botnet-code-ddos-hacker/">"Why a Hacker Dumped Code Behind Colossal Website-Trampling Botnet"</a>. <a href="/wiki/Fortune_(magazine)" title="Fortune (magazine)">Fortune.com</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161022172232/http://fortune.com/2016/10/03/botnet-code-ddos-hacker/">Archived</a> from the original on 22 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">19 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Why+a+Hacker+Dumped+Code+Behind+Colossal+Website-Trampling+Botnet&amp;rft.pub=Fortune.com&amp;rft.date=2016-10-03&amp;rft.au=Hackett%2C+Robert&amp;rft_id=http%3A%2F%2Ffortune.com%2F2016%2F10%2F03%2Fbotnet-code-ddos-hacker%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-wired-7"><span class="mw-cite-backlink"><b><a href="#cite_ref-wired_7-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFNewman" class="citation news cs1">Newman, Lily Hay. <a rel="nofollow" class="external text" href="https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/">"What We Know About Friday's Massive East Coast Internet Outage"</a>. <i>WIRED</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161022013504/https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/">Archived</a> from the original on 2016-10-22<span class="reference-accessdate">. Retrieved <span class="nowrap">2016-10-21</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=WIRED&amp;rft.atitle=What+We+Know+About+Friday%27s+Massive+East+Coast+Internet+Outage&amp;rft.aulast=Newman&amp;rft.aufirst=Lily+Hay&amp;rft_id=https%3A%2F%2Fwww.wired.com%2F2016%2F10%2Finternet-outage-ddos-dns-dyn%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-Krebs2017January-8"><span class="mw-cite-backlink">^ <a href="#cite_ref-Krebs2017January_8-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-Krebs2017January_8-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-Krebs2017January_8-2"><sup><i><b>c</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFKrebs" class="citation web cs1">Krebs, Brian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170122013744/https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/">"Who is Anna-Senpai, the Mirai Worm Author?"</a>. <i>Krebs on Security</i>. Archived from <a rel="nofollow" class="external text" href="https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/">the original</a> on 22 January 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">25 January</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Krebs+on+Security&amp;rft.atitle=Who+is+Anna-Senpai%2C+the+Mirai+Worm+Author%3F&amp;rft.aulast=Krebs&amp;rft.aufirst=Brian&amp;rft_id=https%3A%2F%2Fkrebsonsecurity.com%2F2017%2F01%2Fwho-is-anna-senpai-the-mirai-worm-author%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-9"><span class="mw-cite-backlink"><b><a href="#cite_ref-9">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.wired.com/story/mirai-botnet-minecraft-scam-brought-down-the-internet/">"The Mirai Botnet Was Part of a College Student Minecraft Scheme"</a>. <i>Wired</i>. <a href="/wiki/ISSN_(identifier)" class="mw-redirect" title="ISSN (identifier)">ISSN</a>&#160;<a rel="nofollow" class="external text" href="//www.worldcat.org/issn/1059-1028">1059-1028</a><span class="reference-accessdate">. Retrieved <span class="nowrap">2020-10-19</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=Wired&amp;rft.atitle=The+Mirai+Botnet+Was+Part+of+a+College+Student+Minecraft+Scheme&amp;rft.issn=1059-1028&amp;rft_id=https%3A%2F%2Fwww.wired.com%2Fstory%2Fmirai-botnet-minecraft-scam-brought-down-the-internet%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-10"><span class="mw-cite-backlink"><b><a href="#cite_ref-10">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFStatt2016" class="citation web cs1">Statt, Nick (October 21, 2016). <a rel="nofollow" class="external text" href="https://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained">"How an army of vulnerable gadgets took down the web today"</a>. <i><a href="/wiki/The_Verge" title="The Verge">The Verge</a></i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161116151137/http://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained">Archived</a> from the original on November 16, 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">October 21,</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=The+Verge&amp;rft.atitle=How+an+army+of+vulnerable+gadgets+took+down+the+web+today&amp;rft.date=2016-10-21&amp;rft.aulast=Statt&amp;rft.aufirst=Nick&amp;rft_id=https%3A%2F%2Fwww.theverge.com%2F2016%2F10%2F21%2F13362354%2Fdyn-dns-ddos-attack-cause-outage-status-explained&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-11"><span class="mw-cite-backlink"><b><a href="#cite_ref-11">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFKan,_Michael2016" class="citation web cs1">Kan, Michael (October 18, 2016). <a rel="nofollow" class="external text" href="http://www.itworld.com/article/3132570/hackers-create-more-iot-botnets-with-mirai-source-code.html">"Hackers create more IoT botnets with Mirai source code"</a>. <a href="/wiki/International_Data_Group" title="International Data Group">ITWORLD</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161020025537/http://www.itworld.com/article/3132570/hackers-create-more-iot-botnets-with-mirai-source-code.html">Archived</a> from the original on 20 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">20 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Hackers+create+more+IoT+botnets+with+Mirai+source+code&amp;rft.pub=ITWORLD&amp;rft.date=2016-10-18&amp;rft.au=Kan%2C+Michael&amp;rft_id=http%3A%2F%2Fwww.itworld.com%2Farticle%2F3132570%2Fhackers-create-more-iot-botnets-with-mirai-source-code.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-12"><span class="mw-cite-backlink"><b><a href="#cite_ref-12">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://research.checkpoint.com/iotroop-botnet-full-investigation/">"Archived copy"</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180115071638/https://research.checkpoint.com/iotroop-botnet-full-investigation/">Archived</a> from the original on 2018-01-15<span class="reference-accessdate">. Retrieved <span class="nowrap">2018-01-14</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Archived+copy&amp;rft_id=https%3A%2F%2Fresearch.checkpoint.com%2Fiotroop-botnet-full-investigation%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span><span class="cs1-maint citation-comment">CS1 maint: archived copy as title (<a href="/wiki/Category:CS1_maint:_archived_copy_as_title" title="Category:CS1 maint: archived copy as title">link</a>)</span></span>
</li>
<li id="cite_note-13"><span class="mw-cite-backlink"><b><a href="#cite_ref-13">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFZeifman,_IgalBekerman,_DimaHerzberg,_Ben2016" class="citation web cs1">Zeifman, Igal; Bekerman, Dima; Herzberg, Ben (October 10, 2016). <a rel="nofollow" class="external text" href="https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html">"Breaking Down Mirai: An IoT DDoS Botnet Analysis"</a>. <a href="/wiki/Incapsula" title="Incapsula">Incapsula</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161021075900/https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html">Archived</a> from the original on 21 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">20 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Breaking+Down+Mirai%3A+An+IoT+DDoS+Botnet+Analysis&amp;rft.pub=Incapsula&amp;rft.date=2016-10-10&amp;rft.au=Zeifman%2C+Igal&amp;rft.au=Bekerman%2C+Dima&amp;rft.au=Herzberg%2C+Ben&amp;rft_id=https%3A%2F%2Fwww.incapsula.com%2Fblog%2Fmalware-analysis-mirai-ddos-botnet.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-webroot-14"><span class="mw-cite-backlink">^ <a href="#cite_ref-webroot_14-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-webroot_14-1"><sup><i><b>b</b></i></sup></a> <a href="#cite_ref-webroot_14-2"><sup><i><b>c</b></i></sup></a> <a href="#cite_ref-webroot_14-3"><sup><i><b>d</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFMoffitt,_Tyler2016" class="citation web cs1">Moffitt, Tyler (October 10, 2016). <a rel="nofollow" class="external text" href="https://www.webroot.com/blog/2016/10/10/source-code-mirai-iot-malware-released/">"Source Code for Mirai IoT Malware Released"</a>. <a href="/wiki/Webroot" title="Webroot">Webroot</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161021064505/https://www.webroot.com/blog/2016/10/10/source-code-mirai-iot-malware-released/">Archived</a> from the original on 21 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">20 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Source+Code+for+Mirai+IoT+Malware+Released&amp;rft.pub=Webroot&amp;rft.date=2016-10-10&amp;rft.au=Moffitt%2C+Tyler&amp;rft_id=https%3A%2F%2Fwww.webroot.com%2Fblog%2F2016%2F10%2F10%2Fsource-code-mirai-iot-malware-released%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-15"><span class="mw-cite-backlink"><b><a href="#cite_ref-15">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFOsborne,_Charlie2016" class="citation web cs1">Osborne, Charlie (October 17, 2016). <a rel="nofollow" class="external text" href="https://www.zdnet.com/article/mirai-ddos-botnet-powers-up-infects-sierra-wireless-gateways/">"Mirai DDoS botnet powers up, infects Sierra Wireless gateways"</a>. <a href="/wiki/ZDNet" title="ZDNet">ZDNet</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161020045727/http://www.zdnet.com/article/mirai-ddos-botnet-powers-up-infects-sierra-wireless-gateways/">Archived</a> from the original on 20 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">20 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Mirai+DDoS+botnet+powers+up%2C+infects+Sierra+Wireless+gateways&amp;rft.pub=ZDNet&amp;rft.date=2016-10-17&amp;rft.au=Osborne%2C+Charlie&amp;rft_id=http%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmirai-ddos-botnet-powers-up-infects-sierra-wireless-gateways%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-16"><span class="mw-cite-backlink"><b><a href="#cite_ref-16">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFXander2016" class="citation web cs1">Xander (October 28, 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161121175123/https://servercomparator.com/vpn/blog/dyn-mirai-ddos-complete-story">"DDoS on Dyn The Complete Story"</a>. ServerComparator. Archived from <a rel="nofollow" class="external text" href="https://servercomparator.com/vpn/blog/dyn-mirai-ddos-complete-story">the original</a> on 21 November 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">21 November</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=DDoS+on+Dyn+The+Complete+Story&amp;rft.pub=ServerComparator&amp;rft.date=2016-10-28&amp;rft.au=Xander&amp;rft_id=https%3A%2F%2Fservercomparator.com%2Fvpn%2Fblog%2Fdyn-mirai-ddos-complete-story&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-17"><span class="mw-cite-backlink"><b><a href="#cite_ref-17">^</a></b></span> <span class="reference-text">Antonakakis, M., et al.: Understanding the Mirai botnet. In: 26th USENIX Security Symposium (USENIX Security 2017) (2017)</span>
</li>
<li id="cite_note-18"><span class="mw-cite-backlink"><b><a href="#cite_ref-18">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFDan_Goodin2017" class="citation web cs1">Dan Goodin (December 12, 2017). <a rel="nofollow" class="external text" href="https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/">"100,000-strong botnet built on router 0-day could strike at any time"</a>. <a href="/wiki/Ars_Technica" title="Ars Technica">Ars Technica</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180207005238/https://arstechnica.com/information-technology/2017/12/100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time/">Archived</a> from the original on February 7, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=100%2C000-strong+botnet+built+on+router+0-day+could+strike+at+any+time&amp;rft.pub=Ars+Technica&amp;rft.date=2017-12-12&amp;rft.au=Dan+Goodin&amp;rft_id=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F12%2F100000-strong-botnet-built-on-router-0-day-could-strike-at-any-time%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-19"><span class="mw-cite-backlink"><b><a href="#cite_ref-19">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.fortinet.com/blog/threat-research/iot-botnet-more-targets-in-okirus-cross-hairs.html">"IoT Botnet: More Targets in Okiru's Cross-hairs"</a>. <i>Fortinet</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180723122812/https://www.fortinet.com/blog/threat-research/iot-botnet-more-targets-in-okirus-cross-hairs.html">Archived</a> from the original on 23 July 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">18 April</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Fortinet&amp;rft.atitle=IoT+Botnet%3A+More+Targets+in+Okiru%27s+Cross-hairs&amp;rft_id=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fiot-botnet-more-targets-in-okirus-cross-hairs.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-:1-20"><span class="mw-cite-backlink"><b><a href="#cite_ref-:1_20-0">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFLeyden,_John2016" class="citation web cs1">Leyden, John (January 16, 2016). <a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2018/01/16/arc_iot_botnet_malware/">"New Mirai botnet species 'Okiru' hunts for ARC-based kit"</a>. <a href="/wiki/The_Register" title="The Register">www.theregister.co.uk</a>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180116161657/https://www.theregister.co.uk/2018/01/16/arc_iot_botnet_malware/">Archived</a> from the original on January 16, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=New+Mirai+botnet+species+%27Okiru%27+hunts+for+ARC-based+kit&amp;rft.pub=www.theregister.co.uk&amp;rft.date=2016-01-16&amp;rft.au=Leyden%2C+John&amp;rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2018%2F01%2F16%2Farc_iot_botnet_malware%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-21"><span class="mw-cite-backlink"><b><a href="#cite_ref-21">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFWarwick_Ashford2018" class="citation web cs1">Warwick Ashford (January 18, 2018). <a rel="nofollow" class="external text" href="http://www.computerweekly.com/news/450433414/Next-gen-Mirai-botnet-targets-cryptocurrency-mining-operations">"Next-gen Mirai botnet targets cryptocurrency mining operations"</a>. Computer Weekly. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180207005141/http://www.computerweekly.com/news/450433414/Next-gen-Mirai-botnet-targets-cryptocurrency-mining-operations">Archived</a> from the original on February 7, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Next-gen+Mirai+botnet+targets+cryptocurrency+mining+operations&amp;rft.pub=Computer+Weekly&amp;rft.date=2018-01-18&amp;rft.au=Warwick+Ashford&amp;rft_id=http%3A%2F%2Fwww.computerweekly.com%2Fnews%2F450433414%2FNext-gen-Mirai-botnet-targets-cryptocurrency-mining-operations&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-Rene_Millman-22"><span class="mw-cite-backlink">^ <a href="#cite_ref-Rene_Millman_22-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-Rene_Millman_22-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFRene_Millman2018" class="citation web cs1">Rene Millman (January 26, 2018). <a rel="nofollow" class="external text" href="https://www.scmagazineuk.com/satori-creator-linked-with-new-mirai-variant-masuta/article/739714/">"Satori creator linked with new Mirai variant Masuta"</a>. SC Media UK. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180207005039/https://www.scmagazineuk.com/satori-creator-linked-with-new-mirai-variant-masuta/article/739714/">Archived</a> from the original on February 7, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Satori+creator+linked+with+new+Mirai+variant+Masuta&amp;rft.pub=SC+Media+UK&amp;rft.date=2018-01-26&amp;rft.au=Rene+Millman&amp;rft_id=https%3A%2F%2Fwww.scmagazineuk.com%2Fsatori-creator-linked-with-new-mirai-variant-masuta%2Farticle%2F739714%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-23"><span class="mw-cite-backlink"><b><a href="#cite_ref-23">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFCatalin_Cimpanu2018" class="citation web cs1">Catalin Cimpanu (February 27, 2018). <a rel="nofollow" class="external text" href="https://www.bleepingcomputer.com/news/security/new-mirai-variant-focuses-on-turning-iot-devices-into-proxy-servers/">"New Mirai Variant Focuses on Turning IoT Devices into Proxy Servers"</a>. Bleeping Computer. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180227082822/https://www.bleepingcomputer.com/news/security/new-mirai-variant-focuses-on-turning-iot-devices-into-proxy-servers/">Archived</a> from the original on February 27, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 27,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=New+Mirai+Variant+Focuses+on+Turning+IoT+Devices+into+Proxy+Servers&amp;rft.pub=Bleeping+Computer&amp;rft.date=2018-02-27&amp;rft.au=Catalin+Cimpanu&amp;rft_id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-mirai-variant-focuses-on-turning-iot-devices-into-proxy-servers%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-24"><span class="mw-cite-backlink"><b><a href="#cite_ref-24">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFRommel_Joven_and_Kenny_Yang2018" class="citation web cs1">Rommel Joven and Kenny Yang (May 17, 2018). <a rel="nofollow" class="external text" href="https://www.fortinet.com/blog/threat-research/a-wicked-family-of-bots.html">"A Wicked Family of Bots"</a>. Fortinet. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180523095410/https://www.fortinet.com/blog/threat-research/a-wicked-family-of-bots.html">Archived</a> from the original on May 23, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">May 17,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=A+Wicked+Family+of+Bots&amp;rft.pub=Fortinet&amp;rft.date=2018-05-17&amp;rft.au=Rommel+Joven+and+Kenny+Yang&amp;rft_id=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fa-wicked-family-of-bots.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-25"><span class="mw-cite-backlink"><b><a href="#cite_ref-25">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFTara_Seals2018" class="citation web cs1">Tara Seals (May 21, 2018). <a rel="nofollow" class="external text" href="https://threatpost.com/wicked-botnet-uses-passel-of-exploits-to-target-iot/132125/">"Wicked Botnet Uses Passel of Exploits to Target IoT"</a>. Threat Post. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180521191716/https://threatpost.com/wicked-botnet-uses-passel-of-exploits-to-target-iot/132125/">Archived</a> from the original on May 21, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">May 21,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Wicked+Botnet+Uses+Passel+of+Exploits+to+Target+IoT&amp;rft.pub=Threat+Post&amp;rft.date=2018-05-21&amp;rft.au=Tara+Seals&amp;rft_id=https%3A%2F%2Fthreatpost.com%2Fwicked-botnet-uses-passel-of-exploits-to-target-iot%2F132125%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-26"><span class="mw-cite-backlink"><b><a href="#cite_ref-26">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFMalwaremustdie/Unixfreaxjp2018" class="citation web cs1">Malwaremustdie/Unixfreaxjp (July 7, 2018). <a rel="nofollow" class="external text" href="https://imgur.com/a/53f29O9">"Mirai mirai on the wall.. how many are you now?"</a>. Imgur<span class="reference-accessdate">. Retrieved <span class="nowrap">July 7,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Mirai+mirai+on+the+wall..+how+many+are+you+now%3F&amp;rft.pub=Imgur&amp;rft.date=2018-07-07&amp;rft.au=Malwaremustdie%2FUnixfreaxjp&amp;rft_id=https%3A%2F%2Fimgur.com%2Fa%2F53f29O9&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-27"><span class="mw-cite-backlink"><b><a href="#cite_ref-27">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFJohannes_B._Ullrich2018" class="citation web cs1">Johannes B. Ullrich (July 10, 2018). <a rel="nofollow" class="external text" href="https://isc.sans.edu/forums/diary/Worm+Mirai+Exploiting+Android+Debug+Bridge+Port+5555tcp/23856/">"Worm (Mirai?) Exploiting Android Debug Bridge (Port 5555/tcp)"</a>. SANS ISC InfoSec Forums. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180710225211/https://isc.sans.edu/forums/diary/Worm+Mirai+Exploiting+Android+Debug+Bridge+Port+5555tcp/23856/">Archived</a> from the original on July 10, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">July 11,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Worm+%28Mirai%3F%29+Exploiting+Android+Debug+Bridge+%28Port+5555%2Ftcp%29&amp;rft.pub=SANS+ISC+InfoSec+Forums&amp;rft.date=2018-07-10&amp;rft.au=Johannes+B.+Ullrich&amp;rft_id=https%3A%2F%2Fisc.sans.edu%2Fforums%2Fdiary%2FWorm%2BMirai%2BExploiting%2BAndroid%2BDebug%2BBridge%2BPort%2B5555tcp%2F23856%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-28"><span class="mw-cite-backlink"><b><a href="#cite_ref-28">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFSatnam_Narang2019" class="citation web cs1">Satnam Narang (February 7, 2019). <a rel="nofollow" class="external text" href="https://www.tenable.com/blog/thinkphp-remote-code-execution-vulnerability-used-to-deploy-variety-of-malware-cve-2018-20062">"ThinkPHP Remote Code Execution Vulnerability Used To Deploy Variety of Malware (CVE-2018-20062)"</a>. Tenable. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190506104124/https://www.tenable.com/blog/thinkphp-remote-code-execution-vulnerability-used-to-deploy-variety-of-malware-cve-2018-20062">Archived</a> from the original on May 6, 2019<span class="reference-accessdate">. Retrieved <span class="nowrap">February 7,</span> 2019</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=ThinkPHP+Remote+Code+Execution+Vulnerability+Used+To+Deploy+Variety+of+Malware+%28CVE-2018-20062%29&amp;rft.pub=Tenable&amp;rft.date=2019-02-07&amp;rft.au=Satnam+Narang&amp;rft_id=https%3A%2F%2Fwww.tenable.com%2Fblog%2Fthinkphp-remote-code-execution-vulnerability-used-to-deploy-variety-of-malware-cve-2018-20062&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-arstechnica.com-29"><span class="mw-cite-backlink">^ <a href="#cite_ref-arstechnica.com_29-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-arstechnica.com_29-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://arstechnica.com/security/2016/10/double-dip-internet-of-things-botnet-attack-felt-across-the-internet/">"Double-dip Internet-of-Things botnet attack felt across the Internet"</a>. 21 October 2016. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170519112613/https://arstechnica.com/security/2016/10/double-dip-internet-of-things-botnet-attack-felt-across-the-internet/">Archived</a> from the original on 2017-05-19<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-06-14</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Double-dip+Internet-of-Things+botnet+attack+felt+across+the+Internet&amp;rft.date=2016-10-21&amp;rft_id=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2016%2F10%2Fdouble-dip-internet-of-things-botnet-attack-felt-across-the-internet%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-30"><span class="mw-cite-backlink"><b><a href="#cite_ref-30">^</a></b></span> <span class="reference-text"><i><a href="/wiki/The_Economist" title="The Economist">The Economist</a></i>, 8 October 2016, <a rel="nofollow" class="external text" href="https://www.economist.com/news/science-and-technology/21708220-electronic-tsunami-crashes-down-solitary-journalist-internet">The internet of stings</a> <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170806020159/https://www.economist.com/news/science-and-technology/21708220-electronic-tsunami-crashes-down-solitary-journalist-internet">Archived</a> 2017-08-06 at the <a href="/wiki/Wayback_Machine" title="Wayback Machine">Wayback Machine</a></span>
</li>
<li id="cite_note-31"><span class="mw-cite-backlink"><b><a href="#cite_ref-31">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFFruhlinger2018" class="citation web cs1">Fruhlinger, Josh (2018-03-09). <a rel="nofollow" class="external text" href="https://www.csoonline.com/article/3258748/the-mirai-botnet-explained-how-teen-scammers-and-cctv-cameras-almost-brought-down-the-internet.html">"The Mirai botnet explained: How IoT devices almost brought down the internet"</a>. <i>CSO Online</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190724154011/https://www.csoonline.com/article/3258748/the-mirai-botnet-explained-how-teen-scammers-and-cctv-cameras-almost-brought-down-the-internet.html">Archived</a> from the original on 2019-07-24<span class="reference-accessdate">. Retrieved <span class="nowrap">2019-07-24</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=CSO+Online&amp;rft.atitle=The+Mirai+botnet+explained%3A+How+IoT+devices+almost+brought+down+the+internet&amp;rft.date=2018-03-09&amp;rft.aulast=Fruhlinger&amp;rft.aufirst=Josh&amp;rft_id=https%3A%2F%2Fwww.csoonline.com%2Farticle%2F3258748%2Fthe-mirai-botnet-explained-how-teen-scammers-and-cctv-cameras-almost-brought-down-the-internet.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-32"><span class="mw-cite-backlink"><b><a href="#cite_ref-32">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theregister.co.uk/2016/10/21/dyn_dns_ddos_explained/">"Today the web was broken by countless hacked devices"</a>. theregister.co.uk. 21 October 2016. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161024090022/http://www.theregister.co.uk/2016/10/21/dyn_dns_ddos_explained">Archived</a> from the original on 24 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">24 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Today+the+web+was+broken+by+countless+hacked+devices&amp;rft.pub=theregister.co.uk&amp;rft.date=2016-10-21&amp;rft_id=https%3A%2F%2Fwww.theregister.co.uk%2F2016%2F10%2F21%2Fdyn_dns_ddos_explained%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-33"><span class="mw-cite-backlink"><b><a href="#cite_ref-33">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://motherboard.vice.com/read/blame-the-internet-of-things-for-destroying-the-internet-today">"Blame the Internet of Things for Destroying the Internet Today"</a>. <i>Motherboard</i>. VICE. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161024221854/http://motherboard.vice.com/read/blame-the-internet-of-things-for-destroying-the-internet-today">Archived</a> from the original on 24 October 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">27 October</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=Motherboard&amp;rft.atitle=Blame+the+Internet+of+Things+for+Destroying+the+Internet+Today&amp;rft_id=http%3A%2F%2Fmotherboard.vice.com%2Fread%2Fblame-the-internet-of-things-for-destroying-the-internet-today&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-34"><span class="mw-cite-backlink"><b><a href="#cite_ref-34">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation news cs1"><a rel="nofollow" class="external text" href="http://www.northjersey.com/story/news/2017/12/13/union-county-man-pleads-guilty-rutgers-cyber-attacks/949591001/">"Former Rutgers student pleads guilty in cyber attacks"</a>. <i>North Jersey</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171214124310/http://www.northjersey.com/story/news/2017/12/13/union-county-man-pleads-guilty-rutgers-cyber-attacks/949591001/">Archived</a> from the original on 2017-12-14<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-12-14</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=North+Jersey&amp;rft.atitle=Former+Rutgers+student+pleads+guilty+in+cyber+attacks&amp;rft_id=http%3A%2F%2Fwww.northjersey.com%2Fstory%2Fnews%2F2017%2F12%2F13%2Funion-county-man-pleads-guilty-rutgers-cyber-attacks%2F949591001%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-35"><span class="mw-cite-backlink"><b><a href="#cite_ref-35">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://medium.com/@deeplearningsec/think-mirai-ddos-is-over-it-aint-96298a9ff896">"Think Mirai DDoS is over? It ain't!!"</a>. <a rel="nofollow" class="external text" href="https://archive.today/20161027065817/https://medium.com/@deeplearningsec/think-mirai-ddos-is-over-it-aint-96298a9ff896">Archived</a> from the original on 2016-10-27<span class="reference-accessdate">. Retrieved <span class="nowrap">2016-10-26</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.atitle=Think+Mirai+DDoS+is+over%3F+It+ain%27t%21%21&amp;rft_id=https%3A%2F%2Fmedium.com%2F%40deeplearningsec%2Fthink-mirai-ddos-is-over-it-aint-96298a9ff896&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-tel1-36"><span class="mw-cite-backlink">^ <a href="#cite_ref-tel1_36-0"><sup><i><b>a</b></i></sup></a> <a href="#cite_ref-tel1_36-1"><sup><i><b>b</b></i></sup></a></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFMcGoogan2016" class="citation news cs1">McGoogan, Cara (4 November 2016). <a rel="nofollow" class="external text" href="https://www.telegraph.co.uk/technology/2016/11/04/unprecedented-cyber-attack-takes-liberias-entire-internet-down/">"Unprecedented cyber attack takes Liberia's entire internet down"</a>. <i>The Telegraph</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161121031359/http://www.telegraph.co.uk/technology/2016/11/04/unprecedented-cyber-attack-takes-liberias-entire-internet-down/">Archived</a> from the original on 21 November 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">21 November</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=The+Telegraph&amp;rft.atitle=Unprecedented+cyber+attack+takes+Liberia%27s+entire+internet+down&amp;rft.date=2016-11-04&amp;rft.aulast=McGoogan&amp;rft.aufirst=Cara&amp;rft_id=https%3A%2F%2Fwww.telegraph.co.uk%2Ftechnology%2F2016%2F11%2F04%2Funprecedented-cyber-attack-takes-liberias-entire-internet-down%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-37"><span class="mw-cite-backlink"><b><a href="#cite_ref-37">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.pcworld.com/article/3138631/security/ddos-attack-from-mirai-malware-killing-business-in-liberia.html">"DDoS attack from Mirai malware 'killing business' in Liberia"</a>. PCWorld. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161122072327/http://www.pcworld.com/article/3138631/security/ddos-attack-from-mirai-malware-killing-business-in-liberia.html">Archived</a> from the original on 22 November 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">21 November</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=DDoS+attack+from+Mirai+malware+%27killing+business%27+in+Liberia&amp;rft.pub=PCWorld&amp;rft_id=http%3A%2F%2Fwww.pcworld.com%2Farticle%2F3138631%2Fsecurity%2Fddos-attack-from-mirai-malware-killing-business-in-liberia.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-38"><span class="mw-cite-backlink"><b><a href="#cite_ref-38">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://www.theguardian.com/technology/2016/nov/03/cyberattack-internet-liberia-ddos-hack-botnet">"Massive cyber-attack grinds Liberia's internet to a halt"</a>. <i>The Guardian</i>. 3 November 2016. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161121103649/https://www.theguardian.com/technology/2016/nov/03/cyberattack-internet-liberia-ddos-hack-botnet">Archived</a> from the original on 21 November 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">21 November</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=The+Guardian&amp;rft.atitle=Massive+cyber-attack+grinds+Liberia%27s+internet+to+a+halt&amp;rft.date=2016-11-03&amp;rft_id=https%3A%2F%2Fwww.theguardian.com%2Ftechnology%2F2016%2Fnov%2F03%2Fcyberattack-internet-liberia-ddos-hack-botnet&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-39"><span class="mw-cite-backlink"><b><a href="#cite_ref-39">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFKrebs,_Brian2016" class="citation web cs1">Krebs, Brian (30 November 2016). <a rel="nofollow" class="external text" href="https://web.archive.org/web/20161220161008/https://krebsonsecurity.com/2016/11/new-mirai-worm-knocks-900k-germans-offline/">"New Mirai Worm Knocks 900K Germans Offline"</a>. krebsonsecurity.com. Archived from <a rel="nofollow" class="external text" href="https://krebsonsecurity.com/2016/11/new-mirai-worm-knocks-900k-germans-offline/">the original</a> on 20 December 2016<span class="reference-accessdate">. Retrieved <span class="nowrap">14 December</span> 2016</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=New+Mirai+Worm+Knocks+900K+Germans+Offline&amp;rft.pub=krebsonsecurity.com&amp;rft.date=2016-11-30&amp;rft.au=Krebs%2C+Brian&amp;rft_id=https%3A%2F%2Fkrebsonsecurity.com%2F2016%2F11%2Fnew-mirai-worm-knocks-900k-germans-offline%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-40"><span class="mw-cite-backlink"><b><a href="#cite_ref-40">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="http://www.dw.com/en/german-leaders-angry-at-cyberattack-hint-at-russian-involvement/a-36573668">"German leaders angry at cyberattack, hint at Russian involvement | Germany | DW.COM | 29.11.2016"</a>. Deutsche Welle. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170105181243/http://www.dw.com/en/german-leaders-angry-at-cyberattack-hint-at-russian-involvement/a-36573668">Archived</a> from the original on 5 January 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">5 January</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=German+leaders+angry+at+cyberattack%2C+hint+at+Russian+involvement+%7C+Germany+%7C+DW.COM+%7C+29.11.2016&amp;rft.pub=Deutsche+Welle&amp;rft_id=http%3A%2F%2Fwww.dw.com%2Fen%2Fgerman-leaders-angry-at-cyberattack-hint-at-russian-involvement%2Fa-36573668&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-41"><span class="mw-cite-backlink"><b><a href="#cite_ref-41">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation web cs1"><a rel="nofollow" class="external text" href="https://web.archive.org/web/20161222032237/https://www.incapsula.com/blog/new-variant-mirai-embeds-talktalk-home-routers.html">"New Mirai Variant Embeds in TalkTalk Home Routers"</a>. <i>www.incapsula.com</i>. Archived from <a rel="nofollow" class="external text" href="https://www.incapsula.com/blog/new-variant-mirai-embeds-talktalk-home-routers.html">the original</a> on 2016-12-22<span class="reference-accessdate">. Retrieved <span class="nowrap">2016-12-18</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=www.incapsula.com&amp;rft.atitle=New+Mirai+Variant+Embeds+in+TalkTalk+Home+Routers&amp;rft_id=https%3A%2F%2Fwww.incapsula.com%2Fblog%2Fnew-variant-mirai-embeds-talktalk-home-routers.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-42"><span class="mw-cite-backlink"><b><a href="#cite_ref-42">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite class="citation news cs1"><a rel="nofollow" class="external text" href="https://www.bbc.com/news/technology-37510502">"Router hacker suspect arrested at Luton Airport"</a>. <i>BBC News</i>. 2017-02-23. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170224055712/http://www.bbc.com/news/technology-37510502">Archived</a> from the original on 2017-02-24<span class="reference-accessdate">. Retrieved <span class="nowrap">2017-02-23</span></span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=article&amp;rft.jtitle=BBC+News&amp;rft.atitle=Router+hacker+suspect+arrested+at+Luton+Airport&amp;rft.date=2017-02-23&amp;rft_id=https%3A%2F%2Fwww.bbc.com%2Fnews%2Ftechnology-37510502&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-43"><span class="mw-cite-backlink"><b><a href="#cite_ref-43">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFClarkMueller2017" class="citation web cs1">Clark, Adam; Mueller, Mark (21 January 2017). <a rel="nofollow" class="external text" href="http://www.nj.com/news/index.ssf/2017/01/rutgers_student_questioned_cyber_attack.html">"FBI questions Rutgers student about massive cyber attack"</a>. <i>NJ.com</i>. <a rel="nofollow" class="external text" href="https://archive.today/20170123081123/http://www.nj.com/news/index.ssf/2017/01/rutgers_student_questioned_cyber_attack.html">Archived</a> from the original on 23 January 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">25 January</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=NJ.com&amp;rft.atitle=FBI+questions+Rutgers+student+about+massive+cyber+attack&amp;rft.date=2017-01-21&amp;rft.aulast=Clark&amp;rft.aufirst=Adam&amp;rft.au=Mueller%2C+Mark&amp;rft_id=http%3A%2F%2Fwww.nj.com%2Fnews%2Findex.ssf%2F2017%2F01%2Frutgers_student_questioned_cyber_attack.html&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-44"><span class="mw-cite-backlink"><b><a href="#cite_ref-44">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFJustice2017" class="citation web cs1">Justice, Department of (13 December 2017). <a rel="nofollow" class="external text" href="https://www.justice.gov/usao-nj/pr/justice-department-announces-charges-and-guilty-pleas-three-computer-crime-cases">"Justice Department Announces Charges And Guilty Pleas In Three Computer Crime Cases Involving Significant Cyber Attacks"</a>. <i>justice.gov</i>. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171213203120/https://www.justice.gov/usao-nj/pr/justice-department-announces-charges-and-guilty-pleas-three-computer-crime-cases">Archived</a> from the original on 13 December 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">13 December</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&amp;rft.genre=unknown&amp;rft.jtitle=justice.gov&amp;rft.atitle=Justice+Department+Announces+Charges+And+Guilty+Pleas+In+Three+Computer+Crime+Cases+Involving+Significant+Cyber+Attacks&amp;rft.date=2017-12-13&amp;rft.aulast=Justice&amp;rft.aufirst=Department+of&amp;rft_id=https%3A%2F%2Fwww.justice.gov%2Fusao-nj%2Fpr%2Fjustice-department-announces-charges-and-guilty-pleas-three-computer-crime-cases&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-45"><span class="mw-cite-backlink"><b><a href="#cite_ref-45">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFBrian_Krebs2017" class="citation web cs1">Brian Krebs (July 5, 2017). <a rel="nofollow" class="external text" href="https://krebsonsecurity.com/2017/07/who-is-the-govrat-author-and-mirai-botmaster-bestbuy/">"Who is the GovRAT Author and Mirai Botmaster'Bestbuy'?"</a>. Krebs on Security. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170705232229/https://krebsonsecurity.com/2017/07/who-is-the-govrat-author-and-mirai-botmaster-bestbuy/">Archived</a> from the original on July 5, 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">July 5,</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Who+is+the+GovRAT+Author+and+Mirai+Botmaster%27Bestbuy%27%3F&amp;rft.pub=Krebs+on+Security&amp;rft.date=2017-07-05&amp;rft.au=Brian+Krebs&amp;rft_id=https%3A%2F%2Fkrebsonsecurity.com%2F2017%2F07%2Fwho-is-the-govrat-author-and-mirai-botmaster-bestbuy%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-46"><span class="mw-cite-backlink"><b><a href="#cite_ref-46">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFMathew_J._Schwartz2017" class="citation web cs1">Mathew J. Schwartz (August 31, 2017). <a rel="nofollow" class="external text" href="https://www.bankinfosecurity.com/mirai-malware-mastermind-extradited-from-germany-to-uk-a-10247">"Mirai Malware Attacker Extradited From Germany to UK"</a>. Bank Info Security. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20170831155843/https://www.bankinfosecurity.com/mirai-malware-mastermind-extradited-from-germany-to-uk-a-10247">Archived</a> from the original on August 31, 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">August 31,</span> 2017</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Mirai+Malware+Attacker+Extradited+From+Germany+to+UK&amp;rft.pub=Bank+Info+Security&amp;rft.date=2017-08-31&amp;rft.au=Mathew+J.+Schwartz&amp;rft_id=https%3A%2F%2Fwww.bankinfosecurity.com%2Fmirai-malware-mastermind-extradited-from-germany-to-uk-a-10247&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-47"><span class="mw-cite-backlink"><b><a href="#cite_ref-47">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFCheck_Point_Research2017" class="citation web cs1">Check Point Research (December 21, 2017). <a rel="nofollow" class="external text" href="https://research.checkpoint.com/good-zero-day-skiddie/">"Huawei Home Routers in Botnet Recruitment"</a>. Check Point. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180206190336/https://research.checkpoint.com/good-zero-day-skiddie/">Archived</a> from the original on February 6, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Huawei+Home+Routers+in+Botnet+Recruitment&amp;rft.pub=Check+Point&amp;rft.date=2017-12-21&amp;rft.au=Check+Point+Research&amp;rft_id=https%3A%2F%2Fresearch.checkpoint.com%2Fgood-zero-day-skiddie%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-48"><span class="mw-cite-backlink"><b><a href="#cite_ref-48">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFCatalin_Cimpanu2017" class="citation web cs1">Catalin Cimpanu (December 22, 2017). <a rel="nofollow" class="external text" href="https://www.bleepingcomputer.com/news/security/amateur-hacker-behind-satori-botnet/">"Amateur Hacker Behind Satori Botnet"</a>. Bleeping Computer. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20171227221441/https://www.bleepingcomputer.com/news/security/amateur-hacker-behind-satori-botnet/">Archived</a> from the original on December 27, 2017<span class="reference-accessdate">. Retrieved <span class="nowrap">February 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Amateur+Hacker+Behind+Satori+Botnet&amp;rft.pub=Bleeping+Computer&amp;rft.date=2017-12-22&amp;rft.au=Catalin+Cimpanu&amp;rft_id=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Famateur-hacker-behind-satori-botnet%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-49"><span class="mw-cite-backlink"><b><a href="#cite_ref-49">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFKevin_Poulsen2018" class="citation web cs1">Kevin Poulsen (August 30, 2018). <a rel="nofollow" class="external text" href="https://www.thedailybeast.com/newbie-hacker-fingered-for-monster-botnet">"Newbie Hacker Fingered for Monster Botnet"</a>. The Daily Baast. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190807042925/https://www.thedailybeast.com/newbie-hacker-fingered-for-monster-botnet">Archived</a> from the original on August 7, 2019<span class="reference-accessdate">. Retrieved <span class="nowrap">August 30,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Newbie+Hacker+Fingered+for+Monster+Botnet&amp;rft.pub=The+Daily+Baast&amp;rft.date=2018-08-30&amp;rft.au=Kevin+Poulsen&amp;rft_id=https%3A%2F%2Fwww.thedailybeast.com%2Fnewbie-hacker-fingered-for-monster-botnet&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-50"><span class="mw-cite-backlink"><b><a href="#cite_ref-50">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFJessica_Prokop2018" class="citation web cs1">Jessica Prokop (September 4, 2018). <a rel="nofollow" class="external text" href="https://www.columbian.com/news/2018/sep/04/vancouver-man-charged-federal-hacking-case-alaska/">"Vancouver man charged in federal hacking case in Alaska"</a>. The Columbian. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20180905084022/https://www.columbian.com/news/2018/sep/04/vancouver-man-charged-federal-hacking-case-alaska/">Archived</a> from the original on September 5, 2018<span class="reference-accessdate">. Retrieved <span class="nowrap">September 4,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Vancouver+man+charged+in+federal+hacking+case+in+Alaska&amp;rft.pub=The+Columbian&amp;rft.date=2018-09-04&amp;rft.au=Jessica+Prokop&amp;rft_id=https%3A%2F%2Fwww.columbian.com%2Fnews%2F2018%2Fsep%2F04%2Fvancouver-man-charged-federal-hacking-case-alaska%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
<li id="cite_note-51"><span class="mw-cite-backlink"><b><a href="#cite_ref-51">^</a></b></span> <span class="reference-text"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r999302996"/><cite id="CITEREFCatalin_Cimpanu2018" class="citation web cs1">Catalin Cimpanu (October 28, 2018). <a rel="nofollow" class="external text" href="https://www.zdnet.com/article/satori-botnet-author-in-jail-again-after-breaking-pretrial-release-conditions/">"Satori botnet author in jail again after breaking pretrial release conditions"</a>. ZD Net. <a rel="nofollow" class="external text" href="https://web.archive.org/web/20190905151442/https://www.zdnet.com/article/satori-botnet-author-in-jail-again-after-breaking-pretrial-release-conditions/">Archived</a> from the original on September 5, 2019<span class="reference-accessdate">. Retrieved <span class="nowrap">October 28,</span> 2018</span>.</cite><span title="ctx_ver=Z39.88-2004&amp;rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&amp;rft.genre=unknown&amp;rft.btitle=Satori+botnet+author+in+jail+again+after+breaking+pretrial+release+conditions&amp;rft.pub=ZD+Net&amp;rft.date=2018-10-28&amp;rft.au=Catalin+Cimpanu&amp;rft_id=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fsatori-botnet-author-in-jail-again-after-breaking-pretrial-release-conditions%2F&amp;rfr_id=info%3Asid%2Fen.wikipedia.org%3AMirai+%28malware%29" class="Z3988"></span></span>
</li>
</ol></div>
<div class="navbox-styles nomobile"><style data-mw-deduplicate="TemplateStyles:r1061467846">.mw-parser-output .navbox{box-sizing:border-box;border:1px solid #a2a9b1;width:100%;clear:both;font-size:88%;text-align:center;padding:1px;margin:1em auto 0}.mw-parser-output .navbox .navbox{margin-top:0}.mw-parser-output .navbox+.navbox,.mw-parser-output .navbox+.navbox-styles+.navbox{margin-top:-1px}.mw-parser-output .navbox-inner,.mw-parser-output .navbox-subgroup{width:100%}.mw-parser-output .navbox-group,.mw-parser-output .navbox-title,.mw-parser-output .navbox-abovebelow{padding:0.25em 1em;line-height:1.5em;text-align:center}.mw-parser-output .navbox-group{white-space:nowrap;text-align:right}.mw-parser-output .navbox,.mw-parser-output .navbox-subgroup{background-color:#fdfdfd}.mw-parser-output .navbox-list{line-height:1.5em;border-color:#fdfdfd}.mw-parser-output .navbox-list-with-group{text-align:left;border-left-width:2px;border-left-style:solid}.mw-parser-output tr+tr>.navbox-abovebelow,.mw-parser-output tr+tr>.navbox-group,.mw-parser-output tr+tr>.navbox-image,.mw-parser-output tr+tr>.navbox-list{border-top:2px solid #fdfdfd}.mw-parser-output .navbox-title{background-color:#ccf}.mw-parser-output .navbox-abovebelow,.mw-parser-output .navbox-group,.mw-parser-output .navbox-subgroup .navbox-title{background-color:#ddf}.mw-parser-output .navbox-subgroup .navbox-group,.mw-parser-output .navbox-subgroup .navbox-abovebelow{background-color:#e6e6ff}.mw-parser-output .navbox-even{background-color:#f7f7f7}.mw-parser-output .navbox-odd{background-color:transparent}.mw-parser-output .navbox .hlist td dl,.mw-parser-output .navbox .hlist td ol,.mw-parser-output .navbox .hlist td ul,.mw-parser-output .navbox td.hlist dl,.mw-parser-output .navbox td.hlist ol,.mw-parser-output .navbox td.hlist ul{padding:0.125em 0}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}</style></div><div role="navigation" class="navbox" aria-labelledby="Internet_of_things_(IoT)_malware" style="padding:3px"><table class="nowraplinks mw-collapsible autocollapse navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><style data-mw-deduplicate="TemplateStyles:r1054937957">.mw-parser-output .navbar{display:inline;font-size:88%;font-weight:normal}.mw-parser-output .navbar-collapse{float:left;text-align:left}.mw-parser-output .navbar-boxtext{word-spacing:0}.mw-parser-output .navbar ul{display:inline-block;white-space:nowrap;line-height:inherit}.mw-parser-output .navbar-brackets::before{margin-right:-0.125em;content:"[ "}.mw-parser-output .navbar-brackets::after{margin-left:-0.125em;content:" ]"}.mw-parser-output .navbar li{word-spacing:-0.125em}.mw-parser-output .navbar a>span,.mw-parser-output .navbar a>abbr{text-decoration:inherit}.mw-parser-output .navbar-mini abbr{font-variant:small-caps;border-bottom:none;text-decoration:none;cursor:inherit}.mw-parser-output .navbar-ct-full{font-size:114%;margin:0 7em}.mw-parser-output .navbar-ct-mini{font-size:114%;margin:0 4em}.mw-parser-output .infobox .navbar{font-size:100%}.mw-parser-output .navbox .navbar{display:block;font-size:100%}.mw-parser-output .navbox-title .navbar{float:left;text-align:left;margin-right:0.5em}</style><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:IoT_malware" title="Template:IoT malware"><abbr title="View this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:IoT_malware" title="Template talk:IoT malware"><abbr title="Discuss this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">t</abbr></a></li><li class="nv-edit"><a class="external text" href="https://en.wikipedia.org/w/index.php?title=Template:IoT_malware&amp;action=edit"><abbr title="Edit this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">e</abbr></a></li></ul></div><div id="Internet_of_things_(IoT)_malware" style="font-size:114%;margin:0 4em">Internet of things (IoT) malware</div></th></tr><tr><th scope="row" class="navbox-group" style="width:1%">Notable IoT malware</th><td class="navbox-list-with-group navbox-list navbox-odd hlist" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/BASHLITE" title="BASHLITE">BASHLITE</a></li>
<li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li>
<li><a href="/wiki/Carna_botnet" title="Carna botnet">Carna</a></li>
<li><a href="/wiki/Hajime_(malware)" title="Hajime (malware)">Hajime</a></li>
<li><a href="/wiki/Linux.Darlloz" title="Linux.Darlloz">Linux.Darlloz</a></li>
<li><a href="/wiki/Linux.Wifatch" title="Linux.Wifatch">Linux.Wifatch</a></li>
<li><a class="mw-selflink selflink">Mirai</a></li>
<li><a href="/wiki/Remaiten" title="Remaiten">Remaiten</a></li></ul>
</div></td></tr></tbody></table></div>
<div class="navbox-styles nomobile"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1061467846"/></div><div role="navigation" class="navbox" aria-labelledby="Hacking_in_the_2010s" style="padding:3px"><table class="nowraplinks hlist mw-collapsible autocollapse navbox-inner" style="border-spacing:0;background:transparent;color:inherit"><tbody><tr><th scope="col" class="navbox-title" colspan="2"><link rel="mw-deduplicated-inline-style" href="mw-data:TemplateStyles:r1054937957"/><div class="navbar plainlinks hlist navbar-mini"><ul><li class="nv-view"><a href="/wiki/Template:Hacking_in_the_2010s" title="Template:Hacking in the 2010s"><abbr title="View this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">v</abbr></a></li><li class="nv-talk"><a href="/wiki/Template_talk:Hacking_in_the_2010s" title="Template talk:Hacking in the 2010s"><abbr title="Discuss this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">t</abbr></a></li><li class="nv-edit"><a class="external text" href="https://en.wikipedia.org/w/index.php?title=Template:Hacking_in_the_2010s&amp;action=edit"><abbr title="Edit this template" style=";;background:none transparent;border:none;box-shadow:none;padding:0;">e</abbr></a></li></ul></div><div id="Hacking_in_the_2010s" style="font-size:114%;margin:0 4em">Hacking in the 2010s</div></th></tr><tr><td class="navbox-abovebelow" colspan="2"><div id="←_2000s_Timeline_2020s_→"><table style="width:100%; margin:1px; display:inline-table;"><tbody><tr>
<td style="text-align:left; vertical-align:middle; padding:0 0.5em 0 0;" class="noprint">&#8592;&#160;<a href="/wiki/Template:Hacking_in_the_2000s" title="Template:Hacking in the 2000s">2000s</a></td>
<td style="text-align:center; vertical-align:middle;; padding:0 1px;" class=""><a href="/wiki/Timeline_of_computer_security_hacker_history#2010s" class="mw-redirect" title="Timeline of computer security hacker history">Timeline</a></td>
<td style="text-align:right; vertical-align:middle;; padding:0 0 0 0.5em;" class="noprint"><a href="/wiki/Template:Hacking_in_the_2020s" title="Template:Hacking in the 2020s">2020s</a>&#160;&#8594;</td>
</tr></tbody></table></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major incidents</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Operation_Aurora" title="Operation Aurora">Operation Aurora</a></li>
<li><a href="/wiki/February_2010_Australian_cyberattacks" title="February 2010 Australian cyberattacks">Australian cyberattacks</a></li>
<li><a href="/wiki/Shadow_Network" title="Shadow Network">Operation ShadowNet</a></li>
<li><a href="/wiki/Operation_Payback" title="Operation Payback">Operation Payback</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/DigiNotar" title="DigiNotar">DigiNotar</a></li>
<li><a href="/wiki/DNSChanger" title="DNSChanger">DNSChanger</a></li>
<li><a href="/wiki/HBGary" title="HBGary">HBGary Federal</a></li>
<li><a href="/wiki/Operation_AntiSec" title="Operation AntiSec">Operation AntiSec</a></li>
<li><a href="/wiki/Operation_Tunisia" title="Operation Tunisia">Operation Tunisia</a></li>
<li><a href="/wiki/2011_PlayStation_Network_outage" title="2011 PlayStation Network outage">PlayStation</a></li>
<li><a href="/wiki/RSA_SecurID#March_2011_system_compromise" title="RSA SecurID">RSA SecurID compromise</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/2012_LinkedIn_hack" title="2012 LinkedIn hack">LinkedIn hack</a></li>
<li><a href="/wiki/2012%E2%80%9313_Stratfor_email_leak" title="2012–13 Stratfor email leak">Stratfor email leak</a></li>
<li><a href="/wiki/Operation_High_Roller" title="Operation High Roller">Operation High Roller</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/2013_South_Korea_cyberattack" title="2013 South Korea cyberattack">South Korea cyberattack</a></li>
<li><a href="/wiki/Snapchat#December_2013_hack" title="Snapchat">Snapchat hack</a></li>
<li><a href="/wiki/June_25_cyber_terror" class="mw-redirect" title="June 25 cyber terror">Cyberterrorism Attack of June 25</a></li>
<li><a href="/wiki/Yahoo!_data_breaches#August_2013_breach" title="Yahoo! data breaches">2013 Yahoo! data breach</a></li>
<li><a href="/wiki/2013_Singapore_cyberattacks" title="2013 Singapore cyberattacks">Singapore cyberattacks</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Anthem_medical_data_breach" title="Anthem medical data breach">Anthem medical data breach</a></li>
<li><a href="/wiki/Operation_Tovar" title="Operation Tovar">Operation Tovar</a></li>
<li><a href="/wiki/2014_celebrity_nude_photo_leak" title="2014 celebrity nude photo leak">2014 celebrity nude photo leak</a></li>
<li><a href="/wiki/2014_JPMorgan_Chase_data_breach" title="2014 JPMorgan Chase data breach">2014 JPMorgan Chase data breach</a></li>
<li><a href="/wiki/Sony_Pictures_hack" title="Sony Pictures hack">Sony Pictures hack</a></li>
<li><a href="/wiki/2014_Russian_hacker_password_theft" title="2014 Russian hacker password theft">Russian hacker password theft</a></li>
<li><a href="/wiki/Yahoo!_data_breaches#Late_2014_breach" title="Yahoo! data breaches">2014 Yahoo! data breach</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Office_of_Personnel_Management_data_breach" title="Office of Personnel Management data breach">Office of Personnel Management data breach</a></li>
<li><a href="/wiki/Hacking_Team#2015_data_breach" title="Hacking Team">Hacking Team</a></li>
<li><a href="/wiki/Ashley_Madison_data_breach" title="Ashley Madison data breach">Ashley Madison data breach</a></li>
<li><a href="/wiki/VTech#2015_data_breach" title="VTech">VTech data breach</a></li>
<li><a href="/wiki/December_2015_Ukraine_power_grid_cyberattack" class="mw-redirect" title="December 2015 Ukraine power grid cyberattack">Ukrainian Power Grid Cyberattack</a></li>
<li><a href="/wiki/2015%E2%80%932016_SWIFT_banking_hack" title="2015–2016 SWIFT banking hack">SWIFT banking hack</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Bangladesh_Bank_robbery" title="Bangladesh Bank robbery">Bangladesh Bank robbery</a></li>
<li><a href="/wiki/Hollywood_Presbyterian_Medical_Center#Ransomware" title="Hollywood Presbyterian Medical Center">Hollywood Presbyterian Medical Center ransomware incident</a></li>
<li><a href="/wiki/Commission_on_Elections_data_breach" title="Commission on Elections data breach">Commission on Elections data breach</a></li>
<li><a href="/wiki/Democratic_National_Committee_cyber_attacks" title="Democratic National Committee cyber attacks">Democratic National Committee cyber attacks</a></li>
<li><a href="/wiki/Vietnamese_airports_hackings" title="Vietnamese airports hackings">Vietnam Airport Hacks</a></li>
<li><a href="/wiki/Democratic_Congressional_Campaign_Committee_cyber_attacks" title="Democratic Congressional Campaign Committee cyber attacks">DCCC cyber attacks</a></li>
<li><a href="/wiki/2016_Indian_Banks_data_breach" title="2016 Indian Banks data breach">Indian Bank data breaches</a></li>
<li><a href="/wiki/Surkov_leaks" title="Surkov leaks">Surkov leaks</a></li>
<li><a href="/wiki/2016_Dyn_cyberattack" class="mw-redirect" title="2016 Dyn cyberattack">Dyn cyberattack</a></li>
<li><a href="/wiki/Russian_interference_in_the_2016_United_States_elections" title="Russian interference in the 2016 United States elections">Russian interference in the 2016 U.S. elections</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/2017_Macron_e-mail_leaks" title="2017 Macron e-mail leaks">2017 Macron e-mail leaks</a></li>
<li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry ransomware attack</a></li>
<li><a href="/wiki/2017_Westminster_cyberattack" class="mw-redirect" title="2017 Westminster cyberattack">Westminster cyberattack</a></li>
<li><a href="/wiki/Petya_(malware)" title="Petya (malware)">Petya cyberattack</a>
<ul><li><a href="/wiki/2017_cyberattacks_on_Ukraine" title="2017 cyberattacks on Ukraine">2017 cyberattacks on Ukraine</a></li></ul></li>
<li><a href="/wiki/2017_Equifax_data_breach" title="2017 Equifax data breach">Equifax data breach</a></li>
<li><a href="/wiki/Deloitte#E-mail_hack" title="Deloitte">Deloitte breach</a></li>
<li><a href="/wiki/Disqus#October_2017_security_breach" title="Disqus">Disqus breach</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2018</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Trustico#DigiCert_and_Trustico_spat,_2018" title="Trustico">Trustico</a></li>
<li><a href="/wiki/2018_Atlanta_cyberattack" class="mw-redirect" title="2018 Atlanta cyberattack">Atlanta cyberattack</a></li>
<li><a href="/wiki/2018_SingHealth_data_breach" title="2018 SingHealth data breach">SingHealth data breach</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/2019_cyberattacks_on_Sri_Lanka" title="2019 cyberattacks on Sri Lanka">Sri Lanka cyberattack</a></li>
<li><a href="/wiki/2019_Baltimore_ransomware_attack" title="2019 Baltimore ransomware attack">Baltimore ransomware attack</a></li>
<li><a href="/wiki/2019_Bulgarian_revenue_agency_hack" title="2019 Bulgarian revenue agency hack">Bulgarian revenue agency hack</a></li>
<li><a href="/wiki/Jeff_Bezos_phone_hacking" title="Jeff Bezos phone hacking">Jeff Bezos phone hacking</a></li></ul>
</div></td></tr></tbody></table><div></div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacktivism" title="Hacktivism">Hacktivism</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Anonymous_(group)" class="mw-redirect" title="Anonymous (group)">Anonymous</a>
<ul><li><a href="/wiki/Timeline_of_events_associated_with_Anonymous" title="Timeline of events associated with Anonymous">associated events</a></li></ul></li>
<li><a href="/wiki/CyberBerkut" title="CyberBerkut">CyberBerkut</a></li>
<li><a href="/wiki/Gay_Nigger_Association_of_America" title="Gay Nigger Association of America">GNAA</a></li>
<li><a href="/wiki/Goatse_Security" title="Goatse Security">Goatse Security</a></li>
<li><a href="/wiki/Lizard_Squad" title="Lizard Squad">Lizard Squad</a></li>
<li><a href="/wiki/LulzRaft" title="LulzRaft">LulzRaft</a></li>
<li><a href="/wiki/LulzSec" title="LulzSec">LulzSec</a></li>
<li><a href="/wiki/2016_Dyn_cyberattack#Perpetrators" class="mw-redirect" title="2016 Dyn cyberattack">New World Hackers</a></li>
<li><a href="/wiki/NullCrew" title="NullCrew">NullCrew</a></li>
<li><a href="/wiki/OurMine" title="OurMine">OurMine</a></li>
<li><a href="/wiki/PayPal_14" title="PayPal 14">PayPal 14</a></li>
<li><a href="/wiki/RedHack" title="RedHack">RedHack</a></li>
<li><a href="/wiki/TeaMp0isoN" title="TeaMp0isoN">TeaMp0isoN</a></li>
<li><a href="/wiki/UGNazi" title="UGNazi">UGNazi</a></li>
<li><a href="/wiki/Ukrainian_Cyber_Alliance" title="Ukrainian Cyber Alliance">Ukrainian Cyber Alliance</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Advanced_persistent_threat" title="Advanced persistent threat">Advanced<br />persistent threats</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Bureau_121" title="Bureau 121">Bureau 121</a></li>
<li><a href="/wiki/Charming_Kitten" title="Charming Kitten">Charming Kitten</a></li>
<li><a href="/wiki/Cozy_Bear" title="Cozy Bear">Cozy Bear</a></li>
<li><a href="/wiki/Dark_Basin" title="Dark Basin">Dark Basin</a></li>
<li><a href="/wiki/Elfin_Team" title="Elfin Team">Elfin Team</a></li>
<li><a href="/wiki/Equation_Group" title="Equation Group">Equation Group</a></li>
<li><a href="/wiki/Fancy_Bear" title="Fancy Bear">Fancy Bear</a></li>
<li><a href="/wiki/Guccifer_2.0" title="Guccifer 2.0">Guccifer 2.0</a></li>
<li><a href="/wiki/Hacking_Team" title="Hacking Team">Hacking Team</a></li>
<li><a href="/wiki/Helix_Kitten" title="Helix Kitten">Helix Kitten</a></li>
<li><a href="/wiki/Iranian_Cyber_Army" title="Iranian Cyber Army">Iranian Cyber Army</a></li>
<li><a href="/wiki/Lazarus_Group" title="Lazarus Group">Lazarus Group</a> (<a href="/wiki/Lazarus_Group#BlueNorOff" title="Lazarus Group">BlueNorOff</a>) (<a href="/wiki/Lazarus_Group#AndAriel" title="Lazarus Group">AndAriel</a>)</li>
<li><a href="/wiki/NSO_Group" title="NSO Group">NSO Group</a></li>
<li><a href="/wiki/PLA_Unit_61398" title="PLA Unit 61398">PLA Unit 61398</a></li>
<li><a href="/wiki/PLA_Unit_61486" title="PLA Unit 61486">PLA Unit 61486</a></li>
<li><a href="/wiki/PLATINUM_(cybercrime_group)" title="PLATINUM (cybercrime group)">PLATINUM</a></li>
<li><a href="/wiki/Pranknet" title="Pranknet">Pranknet</a></li>
<li><a href="/wiki/Red_Apollo" title="Red Apollo">Red Apollo</a></li>
<li><a href="/wiki/Rocket_Kitten" title="Rocket Kitten">Rocket Kitten</a></li>
<li><a href="/wiki/Syrian_Electronic_Army" title="Syrian Electronic Army">Syrian Electronic Army</a></li>
<li><a href="/wiki/Tailored_Access_Operations" title="Tailored Access Operations">Tailored Access Operations</a></li>
<li><a href="/wiki/The_Shadow_Brokers" title="The Shadow Brokers">The Shadow Brokers</a></li>
<li><a href="/wiki/Yemen_Cyber_Army" title="Yemen Cyber Army">Yemen Cyber Army</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Hacker" title="Hacker">Individuals</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/George_Hotz" title="George Hotz">George Hotz</a></li>
<li><a href="/wiki/Guccifer" title="Guccifer">Guccifer</a></li>
<li><a href="/wiki/Jeremy_Hammond" title="Jeremy Hammond">Jeremy Hammond</a></li>
<li><a href="/wiki/Junaid_Hussain" title="Junaid Hussain">Junaid Hussain</a></li>
<li><a href="/wiki/Kristoffer_von_Hassel" title="Kristoffer von Hassel">Kristoffer von Hassel</a></li>
<li><a href="/wiki/Mustafa_Al-Bassam" title="Mustafa Al-Bassam">Mustafa Al-Bassam</a></li>
<li><a href="/wiki/MLT_(hacktivist)" title="MLT (hacktivist)">MLT</a></li>
<li><a href="/wiki/Ryan_Ackroyd" title="Ryan Ackroyd">Ryan Ackroyd</a></li>
<li><a href="/wiki/Hector_Monsegur" title="Hector Monsegur">Sabu</a></li>
<li><a href="/wiki/Topiary_(hacktivist)" title="Topiary (hacktivist)">Topiary</a></li>
<li><a href="/wiki/Roman_Seleznev" title="Roman Seleznev">Track2</a></li>
<li><a href="/wiki/The_Jester_(hacktivist)" title="The Jester (hacktivist)">The Jester</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">Major <a href="/wiki/Vulnerability_(computing)" title="Vulnerability (computing)">vulnerabilities</a><br />publicly <a href="/wiki/Full_disclosure_(computer_security)" title="Full disclosure (computer security)">disclosed</a></th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Evercookie" title="Evercookie">Evercookie</a> (2010)</li>
<li><a href="/wiki/ISeeYou" title="ISeeYou">iSeeYou</a> (2013)</li>
<li><a href="/wiki/Heartbleed" title="Heartbleed"> Heartbleed</a> (2014)</li>
<li><a href="/wiki/Shellshock_(software_bug)" title="Shellshock (software bug)">Shellshock</a> (2014)</li>
<li><a href="/wiki/POODLE" title="POODLE">POODLE</a> (2014)</li>
<li><a href="/wiki/Rootpipe" title="Rootpipe">Rootpipe</a> (2014)</li>
<li><a href="/wiki/Row_hammer" title="Row hammer">Row hammer</a> (2014)</li>
<li><a href="/wiki/JASBUG" title="JASBUG">JASBUG</a> (2015)</li>
<li><a href="/wiki/Stagefright_(bug)" title="Stagefright (bug)">Stagefright</a> (2015)</li>
<li><a href="/wiki/DROWN_attack" title="DROWN attack">DROWN</a> (2016)</li>
<li><a href="/wiki/Badlock" title="Badlock">Badlock</a> (2016)</li>
<li><a href="/wiki/Dirty_COW" title="Dirty COW">Dirty COW</a> (2016)</li>
<li><a href="/wiki/Cloudbleed" title="Cloudbleed">Cloudbleed</a> (2017)</li>
<li><a href="/wiki/Broadcom_Corporation#soc-wifi-vulns" title="Broadcom Corporation">Broadcom Wi-Fi</a> (2017)</li>
<li><a href="/wiki/EternalBlue" title="EternalBlue">EternalBlue</a> (2017)</li>
<li><a href="/wiki/DoublePulsar" title="DoublePulsar">DoublePulsar</a> (2017)</li>
<li><a href="/wiki/Intel_Active_Management_Technology#Silent_Bob_is_Silent" title="Intel Active Management Technology">Silent Bob is Silent</a> (2017)</li>
<li><a href="/wiki/KRACK" title="KRACK">KRACK</a> (2017)</li>
<li><a href="/wiki/ROCA_vulnerability" title="ROCA vulnerability">ROCA vulnerability</a> (2017)</li>
<li><a href="/wiki/BlueBorne_(security_vulnerability)" title="BlueBorne (security vulnerability)">BlueBorne</a> (2017)</li>
<li><a href="/wiki/Meltdown_(security_vulnerability)" title="Meltdown (security vulnerability)">Meltdown</a> (2018)</li>
<li><a href="/wiki/Spectre_(security_vulnerability)" title="Spectre (security vulnerability)">Spectre</a> (2018)</li>
<li><a href="/wiki/EFAIL" title="EFAIL">EFAIL</a> (2018)</li>
<li><a href="/wiki/Exactis" title="Exactis">Exactis</a> (2018)</li>
<li><a href="/wiki/Speculative_Store_Bypass" title="Speculative Store Bypass">Speculative Store Bypass</a> (2018)</li>
<li><a href="/wiki/Lazy_FP_State_Restore" class="mw-redirect" title="Lazy FP State Restore">Lazy FP State Restore</a> (2018)</li>
<li><a href="/wiki/TLBleed" title="TLBleed">TLBleed</a> (2018)</li>
<li><a href="/wiki/SigSpoof" title="SigSpoof">SigSpoof</a> (2018)</li>
<li><a href="/wiki/Foreshadow" title="Foreshadow">Foreshadow</a> (2018)</li>
<li><a href="/wiki/Microarchitectural_Data_Sampling" title="Microarchitectural Data Sampling">Microarchitectural Data Sampling</a> (2019)</li>
<li><a href="/wiki/BlueKeep" title="BlueKeep">BlueKeep</a> (2019)</li>
<li><a href="/wiki/Kr00k" title="Kr00k">Kr00k</a> (2019)</li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%"><a href="/wiki/Malware" title="Malware">Malware</a></th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em"></div><table class="nowraplinks navbox-subgroup" style="border-spacing:0"><tbody><tr><th scope="row" class="navbox-group" style="width:1%">2010</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Ransomware#Bad_Rabbit" title="Ransomware">Bad Rabbit</a></li>
<li><a href="/wiki/Stuxnet" title="Stuxnet">Stuxnet</a></li>
<li><a href="/wiki/SpyEye" title="SpyEye">SpyEye</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2011</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Kelihos_botnet" title="Kelihos botnet">Kelihos</a></li>
<li><a href="/wiki/Stars_virus" title="Stars virus">Stars</a></li>
<li><a href="/wiki/Metulji_botnet" title="Metulji botnet">Metulji botnet</a></li>
<li><a href="/wiki/Duqu" title="Duqu">Duqu</a></li>
<li><a href="/wiki/Alureon" title="Alureon">Alureon</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2012</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Mahdi_(malware)" title="Mahdi (malware)">Mahdi</a></li>
<li><a href="/wiki/Carna_botnet" title="Carna botnet">Carna</a></li>
<li><a href="/wiki/Flame_(malware)" title="Flame (malware)">Flame</a></li>
<li><a href="/wiki/FBI_MoneyPak_Ransomware" title="FBI MoneyPak Ransomware">FBI</a></li>
<li><a href="/wiki/Shamoon" title="Shamoon">Shamoon</a></li>
<li><a href="/wiki/Red_October_(malware)" title="Red October (malware)">Red October</a></li>
<li><a href="/wiki/Dexter_(malware)" title="Dexter (malware)">Dexter</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2013</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/DarkSeoul_(wiper)" class="mw-redirect" title="DarkSeoul (wiper)">DarkSeoul</a></li>
<li><a href="/wiki/CryptoLocker" title="CryptoLocker">CryptoLocker</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2014</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Careto_(malware)" title="Careto (malware)">Careto</a></li>
<li><a href="/wiki/DarkHotel" title="DarkHotel">DarkHotel</a></li>
<li><a href="/wiki/Duqu_2.0" title="Duqu 2.0">Duqu 2.0</a></li>
<li><a href="/wiki/FinFisher" title="FinFisher">FinFisher</a></li>
<li><a href="/wiki/Brambul" title="Brambul">Brambul</a></li>
<li><a href="/wiki/Gameover_ZeuS" title="Gameover ZeuS">Gameover ZeuS</a></li>
<li><a href="/wiki/Carbanak" title="Carbanak">Carbanak</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2015</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Dridex" title="Dridex">Dridex</a></li>
<li><a href="/wiki/Rombertik" title="Rombertik">Rombertik</a></li>
<li><a href="/wiki/TeslaCrypt" title="TeslaCrypt">TeslaCrypt</a></li>
<li><a href="/wiki/Hidden_Tear" title="Hidden Tear">Hidden Tear</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2016</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Hitler-Ransomware" title="Hitler-Ransomware">Hitler</a></li>
<li><a href="/wiki/Petya_(malware)" title="Petya (malware)">Petya</a> (<a href="/wiki/NotPetya" class="mw-redirect" title="NotPetya">NotPetya</a>)</li>
<li><a href="/wiki/KeRanger" title="KeRanger">KeRanger</a></li>
<li><a href="/wiki/Jigsaw_(ransomware)" title="Jigsaw (ransomware)">Jigsaw</a></li>
<li><a href="/wiki/MEMZ" title="MEMZ">MEMZ</a></li>
<li><a href="/wiki/Pegasus_(spyware)" title="Pegasus (spyware)">Pegasus</a></li>
<li><a class="mw-selflink selflink">Mirai</a></li>
<li><a href="/wiki/X-Agent" title="X-Agent">X-Agent</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2017</th><td class="navbox-list-with-group navbox-list navbox-even" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/LogicLocker" title="LogicLocker">LogicLocker</a></li>
<li><a href="/wiki/BrickerBot" title="BrickerBot">BrickerBot</a></li>
<li><a href="/wiki/Kirk_Ransomware" title="Kirk Ransomware">Kirk</a></li>
<li><a href="/wiki/Rensenware" title="Rensenware"><i>Rensenware</i> ransomware</a></li>
<li><a href="/wiki/WannaCry_ransomware_attack" title="WannaCry ransomware attack">WannaCry</a></li>
<li><a href="/wiki/Xafecopy_Trojan" title="Xafecopy Trojan">XafeCopy</a></li>
<li><a href="/wiki/Triton_(malware)" title="Triton (malware)">Triton</a></li></ul>
</div></td></tr><tr><th scope="row" class="navbox-group" style="width:1%">2019</th><td class="navbox-list-with-group navbox-list navbox-odd" style="width:100%;padding:0"><div style="padding:0 0.25em">
<ul><li><a href="/wiki/Grum_botnet" title="Grum botnet">Grum</a></li>
<li><a href="/wiki/Joanap" title="Joanap">Joanap</a></li>
<li><a href="/wiki/NetTraveler" title="NetTraveler">NetTraveler</a></li>
<li><a href="/wiki/NSA_ANT_catalog" title="NSA ANT catalog">NSA ANT catalog</a></li>
<li><a href="/wiki/Chaos_Computer_Club#Staatstrojaner_affair" title="Chaos Computer Club">R2D2</a></li>
<li><a href="/wiki/Regin_(malware)" title="Regin (malware)">Regin</a></li>
<li><a href="/wiki/Tinba" class="mw-redirect" title="Tinba">Tinba</a></li>
<li><a href="/wiki/Titanium_(malware)" title="Titanium (malware)">Titanium</a></li>
<li><a href="/wiki/Vault_7" title="Vault 7">Vault 7</a></li>
<li><a href="/wiki/ZeroAccess_botnet" title="ZeroAccess botnet">ZeroAccess botnet</a></li></ul>
</div></td></tr></tbody></table><div></div></td></tr></tbody></table></div>
<!-- 
NewPP limit report
Parsed by mw1349
Cached time: 20211221231023
Cache expiry: 1814400
Reduced expiry: false
Complications: [vary‐revision‐sha1]
CPU time usage: 0.951 seconds
Real time usage: 1.125 seconds
Preprocessor visited node count: 3365/1000000
Post‐expand include size: 176025/2097152 bytes
Template argument size: 2735/2097152 bytes
Highest expansion depth: 17/40
Expensive parser function count: 3/500
Unstrip recursion depth: 1/20
Unstrip post‐expand size: 173677/5000000 bytes
Lua time usage: 0.598/10.000 seconds
Lua memory usage: 21024475/52428800 bytes
Number of Wikibase entities loaded: 1/400
-->
<!--
Transclusion expansion time report (%,ms,calls,template)
100.00%  969.794      1 -total
 40.78%  395.517      1 Template:Reflist
 30.89%  299.582     43 Template:Cite_web
 16.51%  160.157      1 Template:Lang-ja
 14.59%  141.463      1 Template:Infobox_Software
 13.56%  131.459      1 Template:Infobox
 11.19%  108.568      4 Template:Navbox
  8.09%   78.491      1 Template:IoT_Malware
  7.84%   76.061      1 Template:Short_description
  5.65%   54.755      1 Template:Citation_needed
-->

<!-- Saved in parser cache with key enwiki:pcache:idhash:52046315-0!canonical and timestamp 20211221231022 and revision id 1061190577. Serialized with JSON.
 -->
</div><noscript><img src="//en.wikipedia.org/wiki/Special:CentralAutoLogin/start?type=1x1" alt="" title="" width="1" height="1" style="border: none; position: absolute;" /></noscript>
<div class="printfooter">Retrieved from "<a dir="ltr" href="https://en.wikipedia.org/w/index.php?title=Mirai_(malware)&amp;oldid=1061190577">https://en.wikipedia.org/w/index.php?title=Mirai_(malware)&amp;oldid=1061190577</a>"</div></div>
		<div id="catlinks" class="catlinks" data-mw="interface"><div id="mw-normal-catlinks" class="mw-normal-catlinks"><a href="/wiki/Help:Category" title="Help:Category">Categories</a>: <ul><li><a href="/wiki/Category:Denial-of-service_attacks" title="Category:Denial-of-service attacks">Denial-of-service attacks</a></li><li><a href="/wiki/Category:Botnets" title="Category:Botnets">Botnets</a></li><li><a href="/wiki/Category:Free_software" title="Category:Free software">Free software</a></li><li><a href="/wiki/Category:Free_software_programmed_in_C" title="Category:Free software programmed in C">Free software programmed in C</a></li><li><a href="/wiki/Category:Free_software_programmed_in_Go" title="Category:Free software programmed in Go">Free software programmed in Go</a></li><li><a href="/wiki/Category:IoT_malware" title="Category:IoT malware">IoT malware</a></li><li><a href="/wiki/Category:Linux_malware" title="Category:Linux malware">Linux malware</a></li></ul></div><div id="mw-hidden-catlinks" class="mw-hidden-catlinks mw-hidden-cats-hidden">Hidden categories: <ul><li><a href="/wiki/Category:CS1_maint:_archived_copy_as_title" title="Category:CS1 maint: archived copy as title">CS1 maint: archived copy as title</a></li><li><a href="/wiki/Category:Webarchive_template_wayback_links" title="Category:Webarchive template wayback links">Webarchive template wayback links</a></li><li><a href="/wiki/Category:Articles_with_short_description" title="Category:Articles with short description">Articles with short description</a></li><li><a href="/wiki/Category:Short_description_matches_Wikidata" title="Category:Short description matches Wikidata">Short description matches Wikidata</a></li><li><a href="/wiki/Category:Articles_containing_Japanese-language_text" title="Category:Articles containing Japanese-language text">Articles containing Japanese-language text</a></li><li><a href="/wiki/Category:All_articles_with_unsourced_statements" title="Category:All articles with unsourced statements">All articles with unsourced statements</a></li><li><a href="/wiki/Category:Articles_with_unsourced_statements_from_April_2018" title="Category:Articles with unsourced statements from April 2018">Articles with unsourced statements from April 2018</a></li></ul></div></div>
	</div>
</div>
<div id='mw-data-after-content'>
	<div class="read-more-container"></div>
</div>

<div id="mw-navigation">
	<h2>Navigation menu</h2>
	<div id="mw-head">
		<nav id="p-personal" class="mw-portlet mw-portlet-personal vector-user-menu-legacy vector-menu" aria-labelledby="p-personal-label" role="navigation" 
	 >
	<h3 id="p-personal-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Personal tools</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="pt-anonuserpage" class="mw-list-item"><span>Not logged in</span></li><li id="pt-anontalk" class="mw-list-item"><a href="/wiki/Special:MyTalk" title="Discussion about edits from this IP address [n]" accesskey="n"><span>Talk</span></a></li><li id="pt-anoncontribs" class="mw-list-item"><a href="/wiki/Special:MyContributions" title="A list of edits made from this IP address [y]" accesskey="y"><span>Contributions</span></a></li><li id="pt-createaccount" class="mw-list-item"><a href="/w/index.php?title=Special:CreateAccount&amp;returnto=Mirai+%28malware%29" title="You are encouraged to create an account and log in; however, it is not mandatory"><span>Create account</span></a></li><li id="pt-login" class="mw-list-item"><a href="/w/index.php?title=Special:UserLogin&amp;returnto=Mirai+%28malware%29" title="You&#039;re encouraged to log in; however, it&#039;s not mandatory. [o]" accesskey="o"><span>Log in</span></a></li></ul>
		
	</div>
</nav>

		<div id="left-navigation">
			<nav id="p-namespaces" class="mw-portlet mw-portlet-namespaces vector-menu vector-menu-tabs" aria-labelledby="p-namespaces-label" role="navigation" 
	 >
	<h3 id="p-namespaces-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Namespaces</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="ca-nstab-main" class="selected mw-list-item"><a href="/wiki/Mirai_(malware)" title="View the content page [c]" accesskey="c"><span>Article</span></a></li><li id="ca-talk" class="mw-list-item"><a href="/wiki/Talk:Mirai_(malware)" rel="discussion" title="Discuss improvements to the content page [t]" accesskey="t"><span>Talk</span></a></li></ul>
		
	</div>
</nav>

			<nav id="p-variants" class="mw-portlet mw-portlet-variants emptyPortlet vector-menu-dropdown-noicon vector-menu vector-menu-dropdown" aria-labelledby="p-variants-label" role="navigation" 
	 >
	<input type="checkbox"
		id="p-variants-checkbox"
		role="button"
		aria-haspopup="true"
		data-event-name="ui.dropdown-p-variants"
		class="vector-menu-checkbox" aria-labelledby="p-variants-label" />
	<h3 id="p-variants-label" aria-label="Change language variant" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Variants</span>
			<span class="vector-menu-checkbox-expanded">expanded</span>
			<span class="vector-menu-checkbox-collapsed">collapsed</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"></ul>
		
	</div>
</nav>

		</div>
		<div id="right-navigation">
			<nav id="p-views" class="mw-portlet mw-portlet-views vector-menu vector-menu-tabs" aria-labelledby="p-views-label" role="navigation" 
	 >
	<h3 id="p-views-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Views</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="ca-view" class="selected mw-list-item"><a href="/wiki/Mirai_(malware)"><span>Read</span></a></li><li id="ca-edit" class="mw-list-item"><a href="/w/index.php?title=Mirai_(malware)&amp;action=edit" title="Edit this page [e]" accesskey="e"><span>Edit</span></a></li><li id="ca-history" class="mw-list-item"><a href="/w/index.php?title=Mirai_(malware)&amp;action=history" title="Past revisions of this page [h]" accesskey="h"><span>View history</span></a></li></ul>
		
	</div>
</nav>

			<nav id="p-cactions" class="mw-portlet mw-portlet-cactions emptyPortlet vector-menu-dropdown-noicon vector-menu vector-menu-dropdown" aria-labelledby="p-cactions-label" role="navigation"  title="More options"
	 >
	<input type="checkbox"
		id="p-cactions-checkbox"
		role="button"
		aria-haspopup="true"
		data-event-name="ui.dropdown-p-cactions"
		class="vector-menu-checkbox" aria-labelledby="p-cactions-label" />
	<h3 id="p-cactions-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">More</span>
			<span class="vector-menu-checkbox-expanded">expanded</span>
			<span class="vector-menu-checkbox-collapsed">collapsed</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"></ul>
		
	</div>
</nav>

			<div id="p-search" role="search" class=" vector-search-box">
	<div>
			<h3 >
				<label for="searchInput">Search</label>
			</h3>
		<form action="/w/index.php" id="searchform"
			class="vector-search-box-form">
			<div id="simpleSearch"
				class="vector-search-box-inner"
				 data-search-loc="header-navigation">
				<input class="vector-search-box-input"
					 type="search" name="search" placeholder="Search Wikipedia" aria-label="Search Wikipedia" autocapitalize="sentences" title="Search Wikipedia [f]" accesskey="f" id="searchInput"
				/>
				<input type="hidden" name="title" value="Special:Search"/>
				<input id="mw-searchButton"
					 class="searchButton mw-fallbackSearchButton" type="submit" name="fulltext" title="Search Wikipedia for this text" value="Search" />
				<input id="searchButton"
					 class="searchButton" type="submit" name="go" title="Go to a page with this exact name if it exists" value="Go" />
			</div>
		</form>
	</div>
</div>

		</div>
	</div>
	
<div id="mw-panel">
	<div id="p-logo" role="banner">
		<a class="mw-wiki-logo" href="/wiki/Main_Page"
			title="Visit the main page"></a>
	</div>
	<nav id="p-navigation" class="mw-portlet mw-portlet-navigation vector-menu vector-menu-portal portal" aria-labelledby="p-navigation-label" role="navigation" 
	 >
	<h3 id="p-navigation-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Navigation</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="n-mainpage-description" class="mw-list-item"><a href="/wiki/Main_Page" title="Visit the main page [z]" accesskey="z"><span>Main page</span></a></li><li id="n-contents" class="mw-list-item"><a href="/wiki/Wikipedia:Contents" title="Guides to browsing Wikipedia"><span>Contents</span></a></li><li id="n-currentevents" class="mw-list-item"><a href="/wiki/Portal:Current_events" title="Articles related to current events"><span>Current events</span></a></li><li id="n-randompage" class="mw-list-item"><a href="/wiki/Special:Random" title="Visit a randomly selected article [x]" accesskey="x"><span>Random article</span></a></li><li id="n-aboutsite" class="mw-list-item"><a href="/wiki/Wikipedia:About" title="Learn about Wikipedia and how it works"><span>About Wikipedia</span></a></li><li id="n-contactpage" class="mw-list-item"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us" title="How to contact Wikipedia"><span>Contact us</span></a></li><li id="n-sitesupport" class="mw-list-item"><a href="https://donate.wikimedia.org/wiki/Special:FundraiserRedirector?utm_source=donate&amp;utm_medium=sidebar&amp;utm_campaign=C13_en.wikipedia.org&amp;uselang=en" title="Support us by donating to the Wikimedia Foundation"><span>Donate</span></a></li></ul>
		
	</div>
</nav>

	<nav id="p-interaction" class="mw-portlet mw-portlet-interaction vector-menu vector-menu-portal portal" aria-labelledby="p-interaction-label" role="navigation" 
	 >
	<h3 id="p-interaction-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Contribute</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="n-help" class="mw-list-item"><a href="/wiki/Help:Contents" title="Guidance on how to use and edit Wikipedia"><span>Help</span></a></li><li id="n-introduction" class="mw-list-item"><a href="/wiki/Help:Introduction" title="Learn how to edit Wikipedia"><span>Learn to edit</span></a></li><li id="n-portal" class="mw-list-item"><a href="/wiki/Wikipedia:Community_portal" title="The hub for editors"><span>Community portal</span></a></li><li id="n-recentchanges" class="mw-list-item"><a href="/wiki/Special:RecentChanges" title="A list of recent changes to Wikipedia [r]" accesskey="r"><span>Recent changes</span></a></li><li id="n-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_Upload_Wizard" title="Add images or other media for use on Wikipedia"><span>Upload file</span></a></li></ul>
		
	</div>
</nav>
<nav id="p-tb" class="mw-portlet mw-portlet-tb vector-menu vector-menu-portal portal" aria-labelledby="p-tb-label" role="navigation" 
	 >
	<h3 id="p-tb-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Tools</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="t-whatlinkshere" class="mw-list-item"><a href="/wiki/Special:WhatLinksHere/Mirai_(malware)" title="List of all English Wikipedia pages containing links to this page [j]" accesskey="j"><span>What links here</span></a></li><li id="t-recentchangeslinked" class="mw-list-item"><a href="/wiki/Special:RecentChangesLinked/Mirai_(malware)" rel="nofollow" title="Recent changes in pages linked from this page [k]" accesskey="k"><span>Related changes</span></a></li><li id="t-upload" class="mw-list-item"><a href="/wiki/Wikipedia:File_Upload_Wizard" title="Upload files [u]" accesskey="u"><span>Upload file</span></a></li><li id="t-specialpages" class="mw-list-item"><a href="/wiki/Special:SpecialPages" title="A list of all special pages [q]" accesskey="q"><span>Special pages</span></a></li><li id="t-permalink" class="mw-list-item"><a href="/w/index.php?title=Mirai_(malware)&amp;oldid=1061190577" title="Permanent link to this revision of this page"><span>Permanent link</span></a></li><li id="t-info" class="mw-list-item"><a href="/w/index.php?title=Mirai_(malware)&amp;action=info" title="More information about this page"><span>Page information</span></a></li><li id="t-cite" class="mw-list-item"><a href="/w/index.php?title=Special:CiteThisPage&amp;page=Mirai_%28malware%29&amp;id=1061190577&amp;wpFormIdentifier=titleform" title="Information on how to cite this page"><span>Cite this page</span></a></li><li id="t-wikibase" class="mw-list-item"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q27517815" title="Structured data on this page hosted by Wikidata [g]" accesskey="g"><span>Wikidata item</span></a></li></ul>
		
	</div>
</nav>
<nav id="p-coll-print_export" class="mw-portlet mw-portlet-coll-print_export vector-menu vector-menu-portal portal" aria-labelledby="p-coll-print_export-label" role="navigation" 
	 >
	<h3 id="p-coll-print_export-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Print/export</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li id="coll-download-as-rl" class="mw-list-item"><a href="/w/index.php?title=Special:DownloadAsPdf&amp;page=Mirai_%28malware%29&amp;action=show-download-screen" title="Download this page as a PDF file"><span>Download as PDF</span></a></li><li id="t-print" class="mw-list-item"><a href="/w/index.php?title=Mirai_(malware)&amp;printable=yes" title="Printable version of this page [p]" accesskey="p"><span>Printable version</span></a></li></ul>
		
	</div>
</nav>

	<nav id="p-lang" class="mw-portlet mw-portlet-lang vector-menu vector-menu-portal portal" aria-labelledby="p-lang-label" role="navigation" 
	 >
	<h3 id="p-lang-label" aria-label="" class="vector-menu-heading">
		<span class="vector-menu-heading-label">Languages</span>
	</h3>
	<div class="vector-menu-content">
		
		<ul class="vector-menu-content-list"><li class="interlanguage-link interwiki-cs mw-list-item"><a href="https://cs.wikipedia.org/wiki/Mirai_(malware)" title="Mirai (malware) – Czech" lang="cs" hreflang="cs" class="interlanguage-link-target"><span>Čeština</span></a></li><li class="interlanguage-link interwiki-de mw-list-item"><a href="https://de.wikipedia.org/wiki/Mirai_(Computerwurm)" title="Mirai (Computerwurm) – German" lang="de" hreflang="de" class="interlanguage-link-target"><span>Deutsch</span></a></li><li class="interlanguage-link interwiki-es mw-list-item"><a href="https://es.wikipedia.org/wiki/Mirai_(malware)" title="Mirai (malware) – Spanish" lang="es" hreflang="es" class="interlanguage-link-target"><span>Español</span></a></li><li class="interlanguage-link interwiki-fa mw-list-item"><a href="https://fa.wikipedia.org/wiki/%D8%A8%D8%AF%D8%A7%D9%81%D8%B2%D8%A7%D8%B1_%D9%85%DB%8C%D8%B1%D8%A7" title="بدافزار میرا – Persian" lang="fa" hreflang="fa" class="interlanguage-link-target"><span>فارسی</span></a></li><li class="interlanguage-link interwiki-fr mw-list-item"><a href="https://fr.wikipedia.org/wiki/Mirai_(logiciel_malveillant)" title="Mirai (logiciel malveillant) – French" lang="fr" hreflang="fr" class="interlanguage-link-target"><span>Français</span></a></li><li class="interlanguage-link interwiki-it mw-list-item"><a href="https://it.wikipedia.org/wiki/Mirai_(malware)" title="Mirai (malware) – Italian" lang="it" hreflang="it" class="interlanguage-link-target"><span>Italiano</span></a></li><li class="interlanguage-link interwiki-lmo mw-list-item"><a href="https://lmo.wikipedia.org/wiki/Mirai" title="Mirai – Lombard" lang="lmo" hreflang="lmo" class="interlanguage-link-target"><span>Lombard</span></a></li><li class="interlanguage-link interwiki-nl mw-list-item"><a href="https://nl.wikipedia.org/wiki/Mirai_(malware)" title="Mirai (malware) – Dutch" lang="nl" hreflang="nl" class="interlanguage-link-target"><span>Nederlands</span></a></li><li class="interlanguage-link interwiki-ja mw-list-item"><a href="https://ja.wikipedia.org/wiki/Mirai_(%E3%83%9E%E3%83%AB%E3%82%A6%E3%82%A7%E3%82%A2)" title="Mirai (マルウェア) – Japanese" lang="ja" hreflang="ja" class="interlanguage-link-target"><span>日本語</span></a></li><li class="interlanguage-link interwiki-ru mw-list-item"><a href="https://ru.wikipedia.org/wiki/Mirai_(%D0%B1%D0%BE%D1%82%D0%BD%D0%B5%D1%82)" title="Mirai (ботнет) – Russian" lang="ru" hreflang="ru" class="interlanguage-link-target"><span>Русский</span></a></li><li class="interlanguage-link interwiki-uk mw-list-item"><a href="https://uk.wikipedia.org/wiki/Mirai_(%D0%B1%D0%BE%D1%82%D0%BD%D0%B5%D1%82)" title="Mirai (ботнет) – Ukrainian" lang="uk" hreflang="uk" class="interlanguage-link-target"><span>Українська</span></a></li><li class="interlanguage-link interwiki-zh mw-list-item"><a href="https://zh.wikipedia.org/wiki/Mirai_(%E6%81%B6%E6%84%8F%E8%BD%AF%E4%BB%B6)" title="Mirai (恶意软件) – Chinese" lang="zh" hreflang="zh" class="interlanguage-link-target"><span>中文</span></a></li></ul>
		<div class="after-portlet after-portlet-lang"><span class="wb-langlinks-edit wb-langlinks-link"><a href="https://www.wikidata.org/wiki/Special:EntityPage/Q27517815#sitelinks-wikipedia" title="Edit interlanguage links" class="wbc-editpage">Edit links</a></span></div>
	</div>
</nav>

</div>

</div>
<footer id="footer" class="mw-footer" role="contentinfo" >
	<ul id="footer-info">
	<li id="footer-info-lastmod"> This page was last edited on 20 December 2021, at 05:39<span class="anonymous-show">&#160;(UTC)</span>.</li>
	<li id="footer-info-copyright">Text is available under the <a rel="license" href="//en.wikipedia.org/wiki/Wikipedia:Text_of_Creative_Commons_Attribution-ShareAlike_3.0_Unported_License">Creative Commons Attribution-ShareAlike License</a><a rel="license" href="//creativecommons.org/licenses/by-sa/3.0/" style="display:none;"></a>;
additional terms may apply.  By using this site, you agree to the <a href="//foundation.wikimedia.org/wiki/Terms_of_Use">Terms of Use</a> and <a href="//foundation.wikimedia.org/wiki/Privacy_policy">Privacy Policy</a>. Wikipedia® is a registered trademark of the <a href="//www.wikimediafoundation.org/">Wikimedia Foundation, Inc.</a>, a non-profit organization.</li>
</ul>

	<ul id="footer-places">
	<li id="footer-places-privacy"><a href="https://foundation.wikimedia.org/wiki/Privacy_policy" class="extiw" title="wmf:Privacy policy">Privacy policy</a></li>
	<li id="footer-places-about"><a href="/wiki/Wikipedia:About" title="Wikipedia:About">About Wikipedia</a></li>
	<li id="footer-places-disclaimer"><a href="/wiki/Wikipedia:General_disclaimer" title="Wikipedia:General disclaimer">Disclaimers</a></li>
	<li id="footer-places-contact"><a href="//en.wikipedia.org/wiki/Wikipedia:Contact_us">Contact Wikipedia</a></li>
	<li id="footer-places-mobileview"><a href="//en.m.wikipedia.org/w/index.php?title=Mirai_(malware)&amp;mobileaction=toggle_view_mobile" class="noprint stopMobileRedirectToggle">Mobile view</a></li>
	<li id="footer-places-developers"><a href="https://www.mediawiki.org/wiki/Special:MyLanguage/How_to_contribute">Developers</a></li>
	<li id="footer-places-statslink"><a href="https://stats.wikimedia.org/#/en.wikipedia.org">Statistics</a></li>
	<li id="footer-places-cookiestatement"><a href="https://foundation.wikimedia.org/wiki/Cookie_statement">Cookie statement</a></li>
</ul>

	<ul id="footer-icons" class="noprint">
	<li id="footer-copyrightico"><a href="https://wikimediafoundation.org/"><img src="/static/images/footer/wikimedia-button.png" srcset="/static/images/footer/wikimedia-button-1.5x.png 1.5x, /static/images/footer/wikimedia-button-2x.png 2x" width="88" height="31" alt="Wikimedia Foundation" loading="lazy" /></a></li>
	<li id="footer-poweredbyico"><a href="https://www.mediawiki.org/"><img src="/static/images/footer/poweredby_mediawiki_88x31.png" alt="Powered by MediaWiki" srcset="/static/images/footer/poweredby_mediawiki_132x47.png 1.5x, /static/images/footer/poweredby_mediawiki_176x62.png 2x" width="88" height="31" loading="lazy"/></a></li>
</ul>

</footer>

<script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgPageParseReport":{"limitreport":{"cputime":"0.951","walltime":"1.125","ppvisitednodes":{"value":3365,"limit":1000000},"postexpandincludesize":{"value":176025,"limit":2097152},"templateargumentsize":{"value":2735,"limit":2097152},"expansiondepth":{"value":17,"limit":40},"expensivefunctioncount":{"value":3,"limit":500},"unstrip-depth":{"value":1,"limit":20},"unstrip-size":{"value":173677,"limit":5000000},"entityaccesscount":{"value":1,"limit":400},"timingprofile":["100.00%  969.794      1 -total"," 40.78%  395.517      1 Template:Reflist"," 30.89%  299.582     43 Template:Cite_web"," 16.51%  160.157      1 Template:Lang-ja"," 14.59%  141.463      1 Template:Infobox_Software"," 13.56%  131.459      1 Template:Infobox"," 11.19%  108.568      4 Template:Navbox","  8.09%   78.491      1 Template:IoT_Malware","  7.84%   76.061      1 Template:Short_description","  5.65%   54.755      1 Template:Citation_needed"]},"scribunto":{"limitreport-timeusage":{"value":"0.598","limit":"10.000"},"limitreport-memusage":{"value":21024475,"limit":52428800}},"cachereport":{"origin":"mw1349","timestamp":"20211221231023","ttl":1814400,"transientcontent":false}}});});</script>
<script type="application/ld+json">{"@context":"https:\/\/schema.org","@type":"Article","name":"Mirai (malware)","url":"https:\/\/en.wikipedia.org\/wiki\/Mirai_(malware)","sameAs":"http:\/\/www.wikidata.org\/entity\/Q27517815","mainEntity":"http:\/\/www.wikidata.org\/entity\/Q27517815","author":{"@type":"Organization","name":"Contributors to Wikimedia projects"},"publisher":{"@type":"Organization","name":"Wikimedia Foundation, Inc.","logo":{"@type":"ImageObject","url":"https:\/\/www.wikimedia.org\/static\/images\/wmf-hor-googpub.png"}},"datePublished":"2016-10-20T03:26:55Z","dateModified":"2021-12-20T05:39:33Z","headline":"malware that turns computer systems running Linux into remotely controlled \"bots\""}</script>
<script>(RLQ=window.RLQ||[]).push(function(){mw.config.set({"wgBackendResponseTime":125,"wgHostname":"mw1413"});});</script>
</body>
</html>